Using an SMTP resource as you describe can cut down on relaying, but not eliminate it. Spammers can still use a nonexistent address on your domain plus additional outside recipients to get their relay through. I get something like this weekly:
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Bcc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; ...
(Of course the BCC line is not actually part of the headers, but tracking messages through Exchange shows me it's there.)
FW1 will let the mail through because the To: is in your domain, but the additional recipients have to get caught by your MTA or relaying occurs.
Ross Presser * MIS Technician * Imtek, Inc.
[EMAIL PROTECTED] * http://www.imtek.com
> -----Original Message-----
> From: Ben-Hur, Shlomi [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, June 11, 2000 3:53 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] Anti-Relaying blocked by FW
>
>
>
> Hi all,
> I'm using FW 4.0, SP6 on an NT machine.
> We're contemplating on how to implement anti-relaying to the system.
> Off course you can use your MTA to do that. Is there any
> specific way why I
> shouldn't block incoming e-mail to the system on the FW just
> by stating an
> SMTP rule with a resource that states: any SMTP-Host SMTP-->Resource
> Accept, where the resource states only the domain name that
> I'm using. This
> way incoming e-mail to my domain shall pass to my SMTP-Host
> and all other
> shall either fall on my clean-up, or on a specific SMTP drop rule.
> Any ideas?
>
> Regards,
> Email: [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
