Le 07/09/2010 23:36, Jan-Frode Myklebust a écrit :
On Tue, Sep 07, 2010 at 08:20:36PM +0200, Jeroen Geilman wrote:
On 09/07/2010 06:57 PM, mouss wrote:
OP is an ISP providing outbound relay to residential users. his
problem is not easy to solve.
Thanks for understanding. I´ve gotten information off list that gmail
are setting the sender to the gmail authenticated user when sending from
non-gmail addresses. So I´m at least not alone in thinking this should
be a good solution.
forget about gmail. you have a serious problem, and the solution isnt'
gmail. gmail is a public provider, you are not. you have a different
problem, and a serious one. most of us want you to block outound spam
(by blocking port 25 and filtering outbound mail). not easy...
do not try to rewrite mail headers. this is the wrong approach. headers
are specified by that who writes the message. instead, detect abuse/spam
by counting the number of messages sent from a given IP and block the IP
if it exceeds its quota. (block all its communication, not just smtp).
Also I believe you have to pre-register any address you want to send
from trough gmail, which sounds like we could use postfix´
smtpd_sender_login_maps to implement a similar solution.
Residential users don't often have their own mail servers/domains.
Limiting these to sending with their true ISP address is fairly common.
(And just about the only sane way to implement this kind of relay)
In Norway all/most ISPs are forcing their residential users trough the
ISP`s smarthosts. Outgoing port 25/tcp is blocked. So users are not
allowed to run their own mailservers. I can´t justify also requiring
all users to use the ISP´s mail addresses.
-jf
