>to relay for local hosts seemed to work.
all headers are spoofable
>However, I recently found out that mail from my domain was being rejected as
>I had been put on the RSS list.
They know your @domain.com name, say emailclub.com, so all they do to test
your relaying defense is to spoof
MAIL FROM: [EMAIL PROTECTED]
RCPT TO: [EMAIL PROTECTED]
Imail sees [EMAIL PROTECTED] as a 'local host' and relays. boom,
they've detected your open relay. Relay for local users and hosts is
totally useless. sooner or later, you'll get stung
>In order to get my server removed from the RSS (Relay Stopper Service at
>http://www.mail-abuse.org) I've had to tighten up my security to only allow
>relaying from authorized users (not hosts).
see above.
>To allow my users to send mail from these aliases, I have had to put them
>ALL into an "accept" file. Is
>there anyway to have this accept file automatically sync with the defined
>aliases for the domain?
I haven't seen anybody mention that.
>It will be an administrative nightmare to keep them synced up manually, but
>I can't afford to wind up on the RSS list again.
The only reliable solution is 'relay for addresses' + UNcheck 'Disable SMTP
AUTH' + have all your mail users use SMTP AUTH for their outgoing mail.
Len
Len
http://BIND8NT.MEIway.com: ISC BIND 8 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
