Bypassing all rules |
Post Reply 
|
| Author | |
Stupid 
Senior Member 
Joined: 28 November 2005 Status: Offline Points: 127 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Bypassing all rulesPosted: 01 December 2005 at 9:55am |
|
Is this behavior is by design? If I put, say "fbi.gov" in my White List, Excluded Domains, anybody who changes his return email address to xyz@fbi.gov will be able to go through?
|
|
 |
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 December 2005 at 11:04am |
|
Hmm ... Again, LogSat needs to verify this but .... I believe the "Excluded Domain / IP's" White list is looking at the actual connection domain so if an email *claiming" to come from blah@fbi.gov" but the SMTP connection is from optonline.com, Spamfilter should look at the source domain rather than the forged address. Once again, I may very possibly be wrong on this one. |
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 December 2005 at 3:39pm |
|
Actually if adding a domain in the Excluded Domain whitelist, SpamFilter will only check that the mail from address belongs to that domain. This is by design and cannot change, as the admin may wish for a site/company to bypass the filtering rules no matter where their users are connecting from. For this reason, we cannot perform any IP checks on the sender. If admins chose to a a domain to a sender whitelist, they need to be aware that anyone who is able to guess the whitelisted domain can then fake that email address to send them spam. |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.168 seconds.