Considerations in blocking SPAM and how e-mail messages can be 'spoofed' to appear to come from someone other than their actual sender.
Sometimes it is difficult to validate the
actual origin of a mail message. The contents of the message (and how it is viewed
in the mail client) has virtually nothing to do with where the message
actually came from. The analogy is an envelope and a message. An envelope can be sent
to a person, but the letter itself could contain a message for another person.
If you throw the envelope away, then you have little proof as to who the
message actually came from. This is very much what happens with mail. Spammers send
a message and they envelope to your actual address, however, the message inside
the envelope actually says that the message is from someone else.
Here is an example:
SMTP Server receives mail from User1 to User@yourdomain.com.
The contents of the message/message headers sent in
the SMTP transaction contain the following:
Subject: This is spam
For example, it is possible to blacklist Whereeveryouwant.com; but this will not block the incriminating e-mail, as you actually need to blacklist User1 (or the IP address that the person is sending from).
The solution is to work out exactly who is sending
these messages and what IP address they are sending them from. Unfortunately,
when the message is received in the mailbox, virtually all envelope information
has been lost. It only resides in the MailEnable logs (MailEnable does allow you
to do reverse lookups on sender addresses and require PTR records - and this is
the best way to get around this problem).
The domain blacklisting (as opposed to Reverse DNS Blacklisting) feature is not intended to fight spam. It is more to stop users receiving mail from legitimate (i.e.: non spoofed) domains. It has limited effectiveness in preventing SPAM from spammers who can masquerade their domains as whoever they want.
Blacklisting mechanisms: Article ME020084
|Product:||MailEnable (Custom: Custom: Custom: Custom: Custom: Custom: All Versions)|
|Keywords:||SPAM spoof blacklist ban domain black-list domains blacklisted|
|Class:||INF: Product Information|
|Created:||16/06/2003 8:53:00 PM|
|Revised:||Wednesday, May 4, 2016|