We are an ISP, we do not have any dail up users, but we do provide hosting services.
We have a problem with bulk emails send through our mail server, Using IMail v5. In the control panel under SMTP security we have the following settings checked: Refuse NULL<> Senders, Check valid sender and Auto-deny possible hack attempts.
Under "Mail Relay Options" we have the "Relay mail for anyone" checked.
this is the pb. You are an "open relay", you will get both spammed and blacklisted in MAPS or ORBS, later if not sooner.
If we check the "Relay for local hosts only"
this is useless. the header "MAIL FROM: [EMAIL PROTECTED]" is easily spoofable, forgeable.
then our users can only send mail through our server to other users from us, and not to anyone else that do not have a domain hosted with us, the same goes for "Relay for local users only".
same weakness as "Relay for local hosts only"
We cannot provide a service to our customers where they can only send emails to our users, they need to be able to send mail to anyone they like, but e do not want non-clients to send mail through our server.
After 1 year I still have not been able to find the solution to this. Is there anyone out there that can help?
It's very easy technically, because their is only one reliable solution:
1. In Imail, set "relay for addresses", and add in your local ip addresses, and
2. Uncheck "Disable SMTP AUTH reporting". These technical setups on your server are easy.
3. For all of your Imail users, they must use SMTP AUTH to send mail to your Imail server. This is troublesome since you have to educate your users to setup SMTP AUTH in their mail client programs.
Unfortunately, as you have found out, all other SMTP Security settings are useless for public Imail servers.
Len
http://BIND8NT.MEIway.com:
ISC BIND 8.2.2 p5 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
