views:

296

answers:

1

Hello,

I have applied the following filters (milters) in my Postfix incoming mail server:

  1. DKIM milter
  2. SenderID milter
  3. SPF policy.

All three append headers in the received e-mail regarding their checks.

I want to know how much protection do these provide me against spoofing and do i need something more?

Thanks in advance.

Ashish

A: 

Answer to my post is as follows:

  1. DKIM is not effective against spoofing as it's a means to check for non-repudiation of the email message and to verify the integrity and origin of data.

  2. SenderID and SPF are 100% effective against spoofing only when the mail server whose mail account being spoofed has implemented SenderID or SPF.

    i.e if a mail server is receiving mail on behalf of such mail server that has SPF or SenderID implemented then the receiving mail server can assure itself against spoofing by checking for later mail server's SPF or SenderID record.

Now since SPF and SenderID are not in e-mail must haves

and SMTP also doesn't care for sender authentication in the protocol itself ,

so a lot of mail server don't implement any of these

and with these three filters alone one can't be 100% sure that a particular mail being received on behalf of a given e-mail domain actually belongs to that e-mail domain or not, for all of the available mail servers on the internet.

Ashish

related questions