I agree that Relay for Users only is a bad choice but can it also be used in conjunction w/ relay for addresses?
I have seen SPAM come through my mail server with a spoofed address but a bad domain name. If I force mail to have a legitimate IP address and Domain name I think I could further reduce any SPAM from getting out of my server. ---Matt -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rod Dorman Sent: Wednesday, November 14, 2001 12:11 PM To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] SMTP Relay. What can we do better. Bubba Smith wrote: > ... > Last week, a person was able to relay 300,000 emails through our Imail > server. Our current relay is setup for USERS only. The person was > able to relay mail through our system by changing his computer name to > a domain name in IMail, and creating an email account on his computer > the same as an email account in one of our Imail domains. Since IMail > was setup for RELAY FOR USERS ONLY, everything worked correctly. A prime example of why 'Relay for local users only' is a bad choice. > Even if we had setup IMail relay > for HOSTS ONLY, the same thing would have occurred. We tried the NO > RELAY option, but unfortunately, since the accept.txt file does not > work for NO RELAY, none of our emails from WhatsUP Gold could be sent, > and some of our third party applications like FrontPage etc... cannot > use SMTP Authentication. > > It would be nice if the ACCEPT.TXT file would worked for NO RELAY but > it doesn't. Accept.txt only works for HOSTS and USERS only. If > accept.txt did work for NO RELAY, we could put the IP addresses of our > internal systems in this file, and all users would then be required to > use SMTP Authentication. Problem Solved. So use 'Relay mail for Addresses' and enter the subnet or individual addresses your internal systems are on. -- [EMAIL PROTECTED] "The avalanche has already started, it is too Rod Dorman late for the pebbles to vote." - Ambassador Kosh Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
