Path validation manual techniques

From ASRG
Jump to navigationJump to search
Anti-spam technique: Path validation manual techniques
Date of first use: late 1990s
Effectiveness: Low
Popularity: Medium
Difficulty of implementation: Low to do poorly, High to do well
Where implemented: MTA/MUA
Harm: Low

It is possible albeit labor-intensive to make specific checks for known senders. For example, domain paypal.com sends all of its mail from servers with names of the form host.tla.paypal.com where tla is a three letter city code. It is not hard to write a filter that checks the Received: line in mail with paypal.com return addresses to ensure that it came from one of those servers. This is quite effective, at least until Paypal changes server names or outsources some of their mail.

This can be useful for a few heavily phished domains, but the work involved makes it impractical in general. To the extent it validates the sending host, it is in effect a manual version of SPF.