On Fri, 2013-08-23 at 20:00 +0200, Alessandro Vesely wrote: > > Unfortunately, I hadn't updated MYSQL_SELECT_CLAUSE which > > had been copied from a previous courier installation on another server > > which didn't look at my auth flag. The result was that one of my > > customers got her computer infected with a key-logger and her IMAP > > credentials were used to pwn my SMTP server and send out huge quantities > > of spam! My server got blacklisted! > > Do you mean you wouldn't have conceded the relay auth flag to that user > of yours? Based on what, if you don't mind my asking? You may be able > to estimate who is more likely to catch a key-logger, but there's no way > to tell for sure...
As a rule, I don't provide SMTP services to any FMP customers by default. Since FMP is an IPP, not an ISP, I encourage users to use the SMTP services provided by their ISPs. Clients with special needs, such as those with field reps who do a lot of moving around, can subscribe to SMTP service from FMP's Courier server for a small additional fee which gives them a single central SMTP server and auth which they can use anywhere they go. Individual user mailboxes aren't enabled for SMTP. Each organization which needs SMTP access has a single id in the Courier MySQL auth database, e.g. smtp.example.com, for which SMTP is enabled and which is used by all computers in that organization needing authenticated SMTP. At this time I have only one company account needing this service. Granted, this might make it more difficult to isolate a rogue desktop box in an organization where the SMTP login is shared, however isolating the login for SMTP from logins for reading inbound email substantially reduces the chance of key-logger interception since IDs and passwords for inbound connections are more likely to be keyed in than are SMTP auth tokens, which are generally stored as a site property in mail clients and not entered each time they're needed. > > Fortunately, courier logs the user IDs for authenticated SMTP access, > > and places the same information in the Received header added by the SMTP > > server. > > Here are three features that just come to mind: > > * Spamfilter on outgoing mail, > > * auto-honeypot rather than auto-block --useful to report abuse--, > > * per user limit on messages --the numeric equivalent of your flag-- > possibly allowing users to set their limit for some limited amount of > time. > > Thoughts? Should it become necessary or advisable, I like the idea of some kind of per-user limit as a backstop. It shouldn't be difficult to program at all. If smtp.example.com gets more than X hits in a 24 hour period to send mail, the auth_smtp flag gets set to a value which disallows SMTP use and sends me and the account owner an email stating what happened. When the 24 hour period has passed, auth_smtp is turned back on. -- Lindsay Haisley | "UNIX is user-friendly, it just FMP Computer Services | chooses its friends." 512-259-1190 | -- Andreas Bogk http://www.fmp.com | ------------------------------------------------------------------------------ Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
