> Unfortunately, some spammers look up the DNS and instead of using > the MX record they try the alternate host records such as "mail" or > "pop" which point to our mailbox server and then try to connect to > deliver their spam.
They've been doing this for a while. And don't kid yourself: if you're listening on TCP 25, it doesn't matter what A record you have (or no record at all). > If we could set iMail to only allow incoming authenticated sessions, > it would block these connections. We can't use IP addresses because > we don't know the IP's of our clients and it varies. A realistic target, since Ipswitch doesn't look to be adding this function _by design_ anytime soon, could be setting up an MTA for which your domains are considered remote--thus implicitly requiring authentication for everyone--which accepts the same (or reasonably similar) usernames and identical passwords to those honored by your mailbox server. And the ease of deploying such a solution depends on which IMail userbase option you are using: if you are using ODBC or NT-integrated userbase, you can set easily up a dummy domain on a dedicated submission-only server that hits the same userbase back end, thus allowing users to use the exact same simple username and password (if you have only one domain) or a slightly adapted username such as [EMAIL PROTECTED] and the same password (for multiple domains). If you are using NT-integrated, in fact, you can use MS SMTP on the mailbox server to serve the same purpose. If you're using the IMail native userbase, however, such relative simplicity will eluse you. > Is there any port forwarding utility that can sniff packets and > block non-authentication sessions or is there any other solution > than waiting for imail to have an "accept only authenticated smtp > connections" option? Well, you can do all kinds of things with application-level firewalls, like with CheckPoint's INSPECT language, but I wouldn't freak out about that now. --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
