Yes, anyone should be able to send mail to users in my domain, that's right... but the problem is with the "jokers", i.e. one valid user, user1, wants to send a fake mail to user2. He could create one fake account (user3) from my domain in his MUA (evolution, kmail, etc...), and not use authentication for smtp. He could send without problems a mail from [EMAIL PROTECTED] to [EMAIL PROTECTED]. That is what it seems to me. Can that be avoided?
Yes. Make sure that you're running identd on the server. Then:
A) If the user sends mail using the sendmail command, the userid will be shown in the headers.
B) If the user sends mail by connecting to port 25, using either 127.0.0.1, or your external IP address, the sender's userid will be provided by identd, and stamped in the headers of the mail.
C) If the user connects from an external IP address that you've granted relaying privileges, you must then have logs that record who was using the IP address at the time.
D) If the user connects from a foreign IP address, then this is no different than anyone else sending a message with randomly-generated From: header. As such, your recipient should simply be educated that anyone on the Internet can send E-mail, while pretending to be Santa Claus.
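Case B in the reply above depends on the ident protocol (RFC 1413). The following is an added example, not part of the original thread and not any mail server's own code: it builds the query a server would send for a local connection to port 25 and validates the reply before the userid is stamped into headers. The function names and sample replies are constructed for illustration.

```python
import re

# RFC 1413 reply forms:
#   <port-on-identd-host> , <port-on-querier> : USERID : <opsys> : <user-id>
#   <port-on-identd-host> , <port-on-querier> : ERROR : <error-type>
_HEAD = re.compile(r"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*:\s*(USERID|ERROR)\s*:(.*)$")


def build_query(client_port, smtp_port=25):
    """Query sent to port 113 on the host the SMTP connection came from."""
    return f"{client_port}, {smtp_port}\r\n".encode("ascii")


def parse_reply(raw, client_port, smtp_port=25):
    """Return the userid to record in the headers, or None if unusable."""
    try:
        line = raw.decode("ascii").rstrip("\r\n")
    except UnicodeDecodeError:
        return None
    # The value ends up in a mail header: refuse embedded CR/LF and other
    # control characters so a reply cannot inject extra header lines.
    if len(line) > 1000 or any((ord(c) < 32 and c != "\t") or ord(c) == 127
                               for c in line):
        return None
    m = _HEAD.match(line)
    if not m:
        return None
    # The reply must echo the port pair we asked about.
    if (int(m.group(1)), int(m.group(2))) != (client_port, smtp_port):
        return None
    if m.group(3) == "ERROR":          # e.g. NO-USER, HIDDEN-USER
        return None
    # Remaining text is "<opsys>[, <charset>] : <user-id>".
    _opsys, sep, userid = m.group(4).partition(":")
    userid = userid.strip()            # simplification: trim whitespace
    return userid if sep and userid else None


if __name__ == "__main__":
    # Constructed sample: local client port 40112 connected to port 25.
    print(build_query(40112))
    print(parse_reply(b"40112, 25 : USERID : UNIX : user1\r\n", 40112))
```

The answer is only as trustworthy as the identd that gives it, which is why the reply above starts from running identd on your own server.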
