Thanx Len for your help.. BUT.. > and force everybody to authenticate. How to force them to authenticate??? I mean which option under SMTP Security....
Regards,, Magdy ----- Original Message ----- From: "Len Conrad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 24, 2003 10:45 AM Subject: Re: OSRELAY:Re: [IMail Forum] SMTP Problem (1)! > > >- Since first time we installed Imail we run "Relay mail for addresses" > > ok > > >- I did not say that I want to prevent anyone from send to my local users... > >But my case is: any can dail to my system using username and password OR > >using our free internet feature, then open his outlook express, create a > >non-exist Email account then configure it to use out SMTP to send emails > > only if he is on your relay for addresses, where you trust anybody to do > anything as [EMAIL PROTECTED] > > > So > >he will be able to use My mail server without real mail account.... > > aka "do anything" as long as on one of your "relay for addresses". this is > why you should restrict "relay for addresses" to almost nothing, and force > everybody to authenticate. this way you have log trace of their ip and > authentication and can easily trace any abuse. > > > This is > >the case.. Why Imail server cannot prevent non-existing username from using > >it for sending outgoing mails to anyone if that usename does not exist in > >Imail DB??? > > simply because it doesn't. This very point came up a couple of weeks ago, > where someone wanted to be able to force all users to send as > [EMAIL PROTECTED], that is, prevent forgery of the envelope sender. > > >meaning: Imail should check if that sender already exist in its DB , then it > >will allow him to send emails. > >Else: prevent the sending process... > > > >I hope that will explain what I am asking for > > it's more clear now, finally, and the answer is that any user sending from > your "relay for addresses" or after authentication, can send as any > envelope sender. no way to stop it. > > The best you can do is force every body to authenticate by restricting your > "relay for addresses" to > > An add-on solution is to install IMGate which can "check_sender_access" for > your ip's and force any mail sending from your ip's to be in "your_domains" > and even in "[EMAIL PROTECTED]". > > oops, IMGate is yet again an accidental solution looking for unforeseen > problems. :)) > > IMGate can also reduce forgeries of your domains (ie, the opposite problem: > people sending as @yourdomains when they are not!) by spammers sending to > IMGate as MX for all your domains. > > Len > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
