Print Page | Close Window

Bypassing all rules

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5400
Printed Date: 18 April 2025 at 9:56pm


Topic: Bypassing all rules
Posted By: Stupid
Subject: Bypassing all rules
Date Posted: 01 December 2005 at 9:55am
Is this behavior is by design? If I put, say "fbi.gov" in my White List, Excluded Domains, anybody who changes his return email address to mailto:xyz@fbi.gov - xyz@fbi.gov will be able to go through?


Replies:
Posted By: Desperado
Date Posted: 01 December 2005 at 11:04am

Hmm ... Again, LogSat needs to verify this but .... I believe the "Excluded Domain / IP's" White list is looking at the actual connection domain so if an email *claiming" to come from blah@fbi.gov" but the SMTP connection is from optonline.com, Spamfilter should look at the source domain rather than the forged address.

Once again, I may very possibly be wrong on this one.



-------------
The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Posted By: LogSat
Date Posted: 01 December 2005 at 3:39pm

Actually if adding a domain in the Excluded Domain whitelist, SpamFilter will only check that the mail from address belongs to that domain. This is by design and cannot change, as the admin may wish for a site/company to bypass the filtering rules no matter where their users are connecting from. For this reason, we cannot perform any IP checks on the sender.

If admins chose to a a domain to a sender whitelist, they need to be aware that anyone who is able to guess the whitelisted domain can then fake that email address to send them spam.



-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP


Print Page | Close Window