>We are running Imail 6.04 on win2k sever. I have been examining our logs
>and a see a *huge* volume of entries such as those listed below. Okay,
>clearly our Imail server is being used as a SPAM rely.
That sounds correct. You are listed in several spam databases.
>SMTP relay is set for "Local Users Only"
Which means "Spammers are allowed to use our system for free, if they are
willing to pretend to have addresses here."
>SMTP AUTH and VRFY are disabled
SMTP AUTH shouldn't be disabled -- that allows your users to authenticate.
>What else can I possibly do to prevent this!?
You run an open relay, which means you offer free mail services to
spammers. The good news is that you don't like that idea and want to close
your open relay. To do that:
IMail's SMTP Security options have a number of relaying choices. Of them,
only 2 can be used safely (the rest cause you to be an open relay). The
two safe options are "Relay for Addresses" and "No Mail Relay".
If you use IMail's "Relay for addresses", you would enter a list of "safe"
IP addresses that your users may come from; anyone not coming from those
safe IPs would need to use SMTP AUTH. If you use "No mail relay", everyone
must use SMTP AUTH to relay mail. Note that relay settings apply only to
outgoing E-mail, so no matter what your settings are, your users will still
be able to get mail.
So to reiterate: "Relay for Addresses" or "No Mail Relay" are safe;
everything else will get you listed in a number of spam databases.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked
questions: http://www.ipswitch.com/support/IMail/
