Jay Lee wanted us to know: >Tinus Nijmeijers said: >> any traffic coming into the internal interface on port 25 where >> src!=mailserver gets redirected to the mailserver. >> Your external interface does come into the picture. >Yes, and in order for my mail server to accept the mail from >[EMAIL PROTECTED] going out to [EMAIL PROTECTED], the >visitor must either be authenticating via SMTPAUTH (not gonna happen, >visitor accounts are a pain) or my mail server must be configured to allow >relaying of non-local mail without authentication. Also, if the visitor's
Have all untrusted DHCP limited to a certain IP block. Configure only that block to do the redirection to your SMTP server. Rate limit the amount of emails that you relay from that IP block using whatever method you can, such as iptables or maybe even in your MTA itself, depending on its capabilities. >MUA is configured to use authentication against their ISP's real SMTP >server, the authentication would fail against my SMTP server. Yes, this is true. I can see why you're concerned about this one. > they are, I suppose I could configure the mail server to allow relaying >for all internal network addresses but that doesn't solve the AUTH >problem and it puts an unneccessary load on my servers. It also makes >my mail server the target of RBLs and anti-spam measures should a virus >or SPAM zombie slip through. Rate limiting those untrusted clients will save you from such wide exposure. >I downloaded ClamSMTP and installed it no problem, does exactly what I was >hoping for. That's a very good bit of info. When I do work for clients with Windows clients, I'll see if I can extoll some of the benefits of ClamSMTP. -- Regards... Todd OS X: We've been fighting the "It's a mac" syndrome with upper management for years now. Lately we've taken to just referring to new mac installations as "Unix" installations when presenting proposals and updates. For some reason, they have no problem with that. -- /. Linux kernel 2.6.8.1-12mdkenterprise 2 users, load average: 1.26, 1.29, 1.25 _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
