From: "Dan Clark"
eg: Nov 26 10:55:24 mail sm-mta[15318]: iAPLtBa7015318: from=
, size=982, class=0, nrcpts=1, msgid=<53fc01c4d339$34ac1af3$45006654(a)africon.co.za>, proto=SMTP, daemon=MTA, relay=[65.126.46.48] I would imagine a hell of alot of SPAM would be returned if our mail server was matching @fyna.com.au with the @africon.co.za and finding that they dont match? I hope I'm on the right track here.
The trouble is, they don't necessarily match, even on legitimate mail. The message ID is set by the first mail server to see the message (which could even be your own), and the hostname of the mail server needn't bear any relation to the email address of the sender. You'll have to wait for one of the "Sender ID" schemes being promoted currently to become a standard before there is any way to reliably check the legitimacy of envelope addresses. In the mean time, check out SpamAssassin(.org) if you haven't already... -Simon