Path validation manual techniques
|Anti-spam technique: Path validation manual techniques|
|Date of first use:||late 1990s|
|Difficulty of implementation:||Low to do poorly, High to do well|
It is possible albeit labor-intensive to make specific checks for known senders. For example, domain paypal.com sends all of its mail from servers with names of the form host.tla.paypal.com where tla is a three letter city code. It is not hard to write a filter that checks the Received: line in mail with paypal.com return addresses to ensure that it came from one of those servers. This is quite effective, at least until Paypal changes server names or outsources some of their mail.
This can be useful for a few heavily phished domains, but the work involved makes it impractical in general. To the extent it validates the sending host, it is in effect a manual version of SPF.