I'm running James a2 with SMTP Auth turned on, and if you try to send an email to a _non local address_ when the RCPT TO:<[EMAIL PROTECTED]> the server imediately replies "530 Authentication Required"
However if I send a RCPT TO:<[EMAIL PROTECTED]> it doesn't require authentication; if it did, how would anyone get e-mail? Clint -----Original Message----- From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 1:11 PM To: 'James Users List' Subject: RE: Relay prevention Hi Danny and Noel Regarding the Spamlart test: I understand that JAMES may not transmit a mail even though it might seem so to the client. Without having any thorough insight into the design behind JAMES, I wonder if it would not be better for JAMES to respond immediately to the client with an "authorization required" or a similar clear message that indicates that spamming is not allowed. It is really a question of do we want to inform the spammers that their spamming failed? One could argue that it should be made hard for a spammer to figure out whether his spamming attempt succeeded, however, I think it is a waste of valuable clock cycles to have them keep on trying. Also, if JAMES was more clear in its client responses I would feel more certain that none of the on-line lists of open relays would list a JAMES mail server by mistake. Again, I am aware that there might be some design reasons to why JAMES responds the way it does - still, would it not be an advantage if it worked differently? Yours Randahl -----Original Message----- From: Noel J. Bergman [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 19:19 To: James Users List Subject: RE: Relay prevention > Moreover the open relay database at www.ordb.org has now blacklisted my > JAMES installation I'll check my test system against ordb.org later. > testing it with spamlart made it flunk bigtime. > http://www.paladincorp.com.au/cgi-bin/spamlart.cgi?DESTINATION=test.rock it.d k It appears that spamlart bases its test upon the response during mail submission. As noted in the James FAQ, James (and it is not alone in this regard) performs mail filtering after the message is received. Spamlarts tests could form the basis for a Spam filter similar to that present in NESSpamCheck, but those rules would be processed during the delivery process, not the SMTPhandler. --- Noel -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
