Mailing List Message #92467
From: Robinson Maureira Castillo <>
Subject: Re: A script or a rule to block forged addresses ?
Date: Wed, 05 Sep 2007 12:29:59 -0400
To: CommuniGate Pro Discussions <>
Hash: SHA1

Bret Miller wrote:
> The filter would skip the tests if it the message was not submitted authenticated, so it would only apply to email submitted by valid accounts on your server. Force auth would take care of the rest.
> It's a fairly simple concept. You wouldn't want to "reject" the messages since the return-path is forged, but you could discard them and build a rejection notice to submit to the account used to authenticate.

I came up with the following script, it can be used along with this
global rule:

Header Field is Received:*account*HELO*
Header Field is not X-ForgeFiltered: yes

That way it will only apply to authenticated messages.

The script can be found here

I've done some tests using my personal account, with no problems so far,
but YMMV.

It uses the PIPE interface to re-submit the messages, if you're using
5.0x versions of CGP, you must change the extension of the submitted
file, from .sub to .msg

Any feedback is welcome, best regards
- --
Robinson Maureira Castillo
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora -

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster