Do your dial-up users always get the same IP? Are they served through DHCP across DUN?
I would remove all DUL addresses from the addresses list. Make the clients use SMTP AUTH. This is the only way to be sure of the indentification of your relay users. Its possible that another DUL user is getting (or remotely setting in order to spoof your system) a whitelisted address. The whitelist should contain as few addresses as possible, typically machines running automated processes which cannot do SMTP AUTH. Don't put your entire address range in the whitelist. Unless every machine needs to send mail. <$.02> To be as safe as possible, you need to be as pesimistic as possible. Assume every machine on the internet is after you... then think about security!! <$.02> Todd -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Matthew Kiessling Sent: Friday, November 16, 2001 1:39 PM To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] SMTP Relay. What can we do better. Does anyone know of a command line parameter or a way in which I can setup a rule to Verify that an email being relayed from my server is an actual email address on my server? I am using the email for addresses option and I have all of the assigned IP address for my dial up users and my local users. However someone is still able to send spam off of my server using one of these IP addresses and the addresses they are using is "some Number"@"some other number".com and the numbers always change so I can't just block it out by name in the kill list. Also how can I track that email message and find out what the address that this user is sending from? I have looked into the logs but I am having trouble determining which message is from the spammer and I do not know how to trace it back. Please send suggestions. Thanks ---Matt Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
