----- Original Message ----- From: "bill parducci" <[EMAIL PROTECTED]> > i have been playing with james (2.1) and am wondering if i have > misconfigured my server because i don't see protocol level reject of > [open] relay requests, but rather it forwards such requests to the spam > .. > > i am concerned about this since most > automated open relay tests would consider this an open relay because > they are looking for a 550 response in this situation.
There is a free open relay test available at http://www.ordb.org/submit/ A lot of closed relay servers have the same characteristic as James so realistically you don't have to worry about it from open relay perspective. >From a security perspective it may actually be a better configuration than protocol level rejection. Protocol level rejection provides an easy way to verify if an employee/account exists or does not exist. Currrent configuration does not as easily expose this information. I do think for large volume sites like yahoo etc. protocol level rejection is better, but I am not sure if it matters to a lot of deployments. Harmeet -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
