Re: [IMail Forum] SMTP-Relay / Auth only FROM valid email Adresses

[Dave Doherty]

Hi Matti-

Once a host logs in, it owns your SMTP service and can send what it wants 
where it wants, at least as far as I know.

I would suspend the customer's SMTP privileges and tell them they have a 
major problem they need to fix. If you let them continue on like this, you 
will wind up on blacklists and effect your own domain and all your other 
customers. The pain of maybe losing a customer is much less than the pain of 
getting off a bunch of blacklists. And they will never fix the problem if 
you compensate for them.

-Dave Doherty
Skywaves, Inc.



----- Original Message ----- 
From: "Matti Haack" <[EMAIL PROTECTED]>
To: <Imail_Forum@list.ipswitch.com>
Sent: Monday, March 27, 2006 3:58 AM
Subject: [IMail Forum] SMTP-Relay / Auth only FROM valid email Adresses


Hello,

I have some problem with the way IMAL (8.x) handles SMTP-Auth email. A
customer  from  us  seems to have a compromised host, which sends Spam
evry two weeks or so trough their local gateway - which is relayed over 
our IMAIL Server.

Their  Mail  server requires no authentification for their local hosts
to send mail - and does not sort out any invalid Mail-Froms.

So  this  compromised  host sends mail to thier internal gatway, which
relays  the  mail  with  smtp-Auth  to  our  imail  -  The  dictionary
attack-style  Spam  fills  our mail queue with spam and bounces to the
fake from adress...

Is  there a possibility to reject mails from a host which connects via 
smtp-auth, if
the mail-from is not exisiting on the Server?

We host some hundred virtual domains on one IPed host...

Greetings
        Matti


-
Matti Haack - Hit Haack IT Service Gmbh
Poltlbauer Weg 4, D-94036 Passau
+49 851 50477-22 Fax: +49 851 50477-29
http://www.haack-it.de



Dieses Dokument ist ausschliesslich fuer den Adressaten bestimmt.
Jegliche Art von Reproduktion, Verbreitung, Vervielfaeltigung, 
Modifikation,
Verteilung und/oder Publikation dieser E-Mail-Nachricht ist untersagt,
soweit dies nicht  ausdruecklich genehmigt wurde. Jegliche Haftung fur
Ansprueche,  die aufgrund der Kommunikation per E-Mail begruendet
werden koennten, ist ausgeschlossen, soweit der Haftungsausschluss
gesetzlich zulaessig ist.

-- Ausgehende E-Mail wurde auf Viren gescannt  --
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/



To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/