"Local host" is no good,neither is "Local Users" Headers can be forged
fooling your server into thinking it's from your own domain. You MUST set
"Relay for Addresses" and add your local IP networks. This will require any
users outside your allowed address ranges to use SMTP AUTH.... You might
also set "Check Valid sender" which will cause the server to check the
address in the sender's "Reply to" or "Return address" field against it's
database.
I also recommend setting "Disable SMTP VRFY command" to keep your server
from verifying addresses of actual users.... Put these in place and ask
MAPS to re-test, you should come out fine after that...
Bob
> Hi ...
>
> I am trying to get my head around mail relay ... We want to block people
> from relaying off our server except for valid customers. I have set the
> option to be "Relay for Local Hosts", so far so good. But on checking it
via
> mail-abuse.org it says it is open. The message that got through was Mail
> From: spamtest@[0.0.0.0] Note: substituted 0.0.0.0 for proper IP address!
> So from this it would seem that the anti-relay option does not work, or am
I
> missing something???
>
> cheers
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
