>Last week, a person was able to relay 300,000 emails through our Imail
>server. Our current relay is setup for USERS only.
So you were allowing him to send spam.
>The person was able to relay mail through our system by changing his computer
>name to a domain name in IMail, and creating an email account on his computer
>the same as an email account in one of our Imail domains.
No, it's not nearly that difficult. In their spamware, when asked "What
address do you want listed as the sender of the E-mail", they just entered
"[EMAIL PROTECTED]". No changing of computer names, no creating E-mail
accounts, no hacking involved.
>Since IMail was setup for RELAY FOR USERS ONLY, everything worked correctly.
That's correct. "Relay for users" means that you will let anyone relay if
they have an account on your server, or are willing to use an E-mail
address on your server.
>Even if we had setup IMail relay for HOSTS ONLY, the same thing would have
>occurred.
Quite true. "Relay for hosts" means that anyone can relay mail through
your server if they have an account on your server, or are willing to use a
made-up E-mail address on your server.
> We tried the NO RELAY option, but unfortunately, since the accept.txt
> file does not work for NO
>RELAY, none of our emails from WhatsUP Gold could be sent, and some of our
>third party applications like FrontPage etc... cannot use SMTP
>Authentication.
With "No Mail Relay", you don't use accept.txt -- it means that everyone
has to use SMTP AUTH.
"Relay for Addresses" does what you are looking for (although you don't use
the accept.txt file, you use the button next to "Relay for Addresses" to
list the "safe" IP addresses.
>It would be nice if the ACCEPT.TXT file would worked for NO RELAY but it
>doesn't.
No. "No mail relay" really means "Only relay for people using SMTP
AUTH". If IMail let certain users bypass it, then it would be "Relay for
Addresses" (which it already has).
>I'm a little upset about this because it was pretty simple for this person
>to do this ...
The problem is that IMail doesn't make it clear that several of their
anti-relay options don't prevent spammers from using your mail server. The
"Relay for Users" option isn't designed to stop spammers.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
