Scott Brady wrote:
> ----- Original Message -----
> From: Jochem van Dieten
> Date: Sat, 25 Sep 2004 02:11:20 +0200
>
>> That is no protection against relaying, there is a reason why all
>> the standard relay tests use addresses from a local domain.
>> Everybody can fake an email address (isn't that what you are
>> doing yourself?).
>
> No, we're using a real address.  The mail server is set to require a
> real account (which is why the from address is
> "[EMAIL PROTECTED]" - that's a real account). Of course,
> that doesn't prevent spammers from trying to use our domain with that
> e-mail address (which is probably a pretty common account name).

[EMAIL PROTECTED] is required to exist. So if that is all,
there is a 100% guaranteed way to bypass your relay 'protection'.

>> Fix your mailserver, it is easier.
>  
> For now, the mail server isn't under our control.  I've only recently
> joined the company, but apparently the relay setting is a fairly recent
> one.  In the next two months, we're changing hosts and to a dedicated
> hosting solution (where we'll have more control).  From what I
> understand, our current settings are much like any other "prevent
> relay" settings that I'm aware of, where the from addresses have to be
> actual accounts.

Relay settings are almost always:
- allow if from our IP space
- allow if authenticated

The from address is fakeable and thus not an acceptable way to
authenticate.

> Based on what you've said, my guess is that MS Exchange is the
> culprit.

Close port 25 on the CF machine for everything except localhost
using a firewall, then run IIS SMTP on it and relay your email
through there.

Jochem
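
Added example, not part of the original message: a minimal Python sketch of the two relay policies discussed in the thread, one keyed on the envelope sender and one keyed on client IP or authentication. The domains, accounts, networks and sessions are all constructed for illustration and are not taken from the thread.

```python
import ipaddress
from dataclasses import dataclass

# Constructed configuration (assumption, not from the thread).
LOCAL_DOMAINS = {"example.com"}
LOCAL_ACCOUNTS = {"info@example.com", "webmaster@example.com"}
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8"),
                ipaddress.ip_network("192.0.2.0/24")]

@dataclass
class Session:
    client_ip: str
    authenticated: bool  # True only after a successful SMTP AUTH
    mail_from: str       # envelope sender, chosen freely by the client
    rcpt_to: str

def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower()

def sender_based_policy(s):
    """Policy described by the quoted poster: relay if MAIL FROM is a real account."""
    return s.mail_from.lower() in LOCAL_ACCOUNTS

def relay_policy(s):
    """Policy from the reply: relay only for our IP space or authenticated clients."""
    if _domain(s.rcpt_to) in LOCAL_DOMAINS:
        return True  # delivery to our own domain is not relaying
    ip = ipaddress.ip_address(s.client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return True
    return s.authenticated

# Constructed sessions: (client IP, authenticated, MAIL FROM, RCPT TO).
SAMPLE_SESSIONS = [
    Session("203.0.113.50", False, "info@example.com", "someone@example.net"),
    Session("192.0.2.10", False, "webmaster@example.com", "customer@example.net"),
    Session("198.51.100.7", True, "webmaster@example.com", "customer@example.net"),
    Session("198.51.100.9", False, "sender@example.org", "webmaster@example.com"),
]

def evaluate(sessions):
    """Return (sender_based, ip_or_auth) decisions for each session."""
    return [(sender_based_policy(s), relay_policy(s)) for s in sessions]

if __name__ == "__main__":
    for s, (weak, sound) in zip(SAMPLE_SESSIONS, evaluate(SAMPLE_SESSIONS)):
        print(f"{s.client_ip:15} from={s.mail_from:24} weak={weak} sound={sound}")
```

The first session is the case the reply warns about: an unauthenticated outside host that names a valid local account is relayed by the sender-based policy and refused by the IP-or-authentication policy.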