TMDA has an optional feature for applying a fingerprint to outgoing email. (See FINGERPRINT.) This only works if you use TMDA to manage all of your outbound email, either through tmda-sendmail or with tmda-ofmipd. This allows me to send email to myself without having to add myself in any of my whitelists. A common spam technique is to send the spam to and from the same address.
To get this to work, do the following:
- Set the FINGERPRINT variable in ~/.tmda/config. I use:
FINGERPRINT = ["message-id", "from", "date"]
- Add a line to your incoming filter to check the fingerprint against incoming email. I use:
pipe /usr/local/src/tmda/bin/tmda-fingerprint ok
There are a couple of odd things that don't work with this system:
- It always fails if you add "body" to FINGERPRINT. I don't know why
- WIth the above settings, and a completely empty body, it also always fails. Again, I don't know why.
Of course, a simpler way to handle this is described in theFAQ.
Here's the code for tmda-fingerprint