>> But the problem that I'm seeing is someone externally can >> connect to this box and spam to our local domain.
That is normal - that's the definition of SPAM. Someone can connect and send mail to your local users. There's no way to prevent this per se unless you force all connections to autenticate - but that's not very practical. To limit the spam you receive, take a look at: 1) Turning on blacklisting 2) Turning on greylisting 3) Adding a spam filter like spamassassin I use a combination of #1 and #3, and block like 95% of the spam I receive, with very few false positives. (I am blocking like 85% of ALL mail I recieve ironically, which says something about the amount of garbage email floating around.) Matt <quote who="MrOzone"> > Ok that's good. But the problem that I'm seeing is someone externally can > connect to this box and spam to our local domain. But to spam through this > box you need to auth. Is it possible I am just missing a setting to say > sendine internaly or externally needs to auth? > > Thanks, > William > > On Thu, Apr 17, 2008 at 8:41 AM, Jay Lee <[EMAIL PROTECTED]> wrote: > >> MrOzone wrote: >> >> > Im having a bit of trouble trying to configure smtp so Im not a open >> > relay to send email externally but also internally too. >> > I have a server setup for users on the outside to send email through >> > it, but im trying to configure it so that everyone needs to do smtp >> > authentication except 1 ip range. Is this possible? >> > Users do need to smtp auth to send email through it, but the biggest >> > problem is spammers can connect to it and spam our company (to send to >> our >> > local domain you dont need to smtp auth). >> > >> >> Requiring smtp auth to relay is the default for Courier. You can add a >> range of IP's that are always allowed to relay by modifying the >> smtpaccess >> file. See the man page at: >> >> http://www.courier-mta.org/makesmtpaccess.html >> >> for details on the format of smtpaccess files and the making the data >> file. My suggestion though is to require auth for relaying on all but >> the >> dumbest of smtp clients which don't support smtp authentication (i.e. >> leave >> the smtpaccess file as a last ditch workaround). >> >> Jay >> >> -- >> Jay Lee >> Network/Systems Administrator >> Information Technology Department >> Philadelphia Biblical University >> >> > ------------------------------------------------------------------------- > This SF.net email is sponsored by the 2008 JavaOne(SM) Conference > Don't miss this year's exciting event. There's still time to save $100. > Use priority code J8TL2D2. > http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone_______________________________________________ > courier-users mailing list > [email protected] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
