> understand, our current settings are much like any other "prevent
> relay" settings that I'm aware of, where the from addresses have to be
> actual accounts.
As Jochem has pointed out, this is absolutely no protection whatsoever
against relaying. Either there is more to this than you are aware of
or the mail server admin isn't aware of how mail servers work.
To protect against relaying, you have to enable -- and enforce -- SMTP
AUTH: every sent mail message has to be authenticated with the
correct username and password for the sending account. CF 6.1 finally
supports this, but earlier versions didn't; necessitating -- typically
-- the allowance of mail traffic from the cf server's IP (which
hopefully is inside a single local network) without authentication.
--
--Matt Robertson--
MSB Designs, Inc.
mysecretbase.com
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
