      sfcmilter - sender-forgery-checker mail filter module

Sendmail includes a facility for plugging in custom mail filters,
called milters.  It's documented here: http://www.milter.org/milter_api/
Sfcmilter is a plug-in that checks whether the SMTP-level mail
sender is the same as the headers-level mail sender.  It is intended
to be used in conjunction with spfmilter. Spfmilter only checks the
sender address in the SMTP transaction - that's not a bug, it's
just how SPF is defined. But it does leave you open to messages
which use an honest SMTP-level address but fake the address in the
message itself. Sfcmilter closes this hole by checking that the
address in the message matches the address in the SMTP transaction.

Since spfmilter doesn't need to look at the message body, it's more
efficient to run; therefore, you should run spfmilter first. Any
messages that spfmilter lets through then get checked by sfcmilter,
and if they are possible forgeries sfcmilter will add a header
saying "X-Sender-Check: possibly forged". Then a third layer of the
delivery process, such as bogofilter or spamassassin can look for
that header and weigh it appropriately to decide if the message is
junk or not.

See the manual entry for more details.

Feedback is welcome - send bug reports, enhancements, checks, money
orders, etc. to the addresses below.

    Jef Poskanzer  jef@mail.acme.com  http://www.acme.com/jef/
