Jake, thanks very much for help.
Just one more help on this. Just want to be sure that my understanding is correct ... so please correct me if i am wrong i read thru the docs and this is what was stated "During an SMTP session, when a sender identifies themselves, either via SMTP_AUTH, or via the message envelope, as well as a recipient, eMPF loads applicable message policies to determine if the sender is allowed to message the sender, and if the recipient is allowed to receive mail from the sender." so for example if a spammmer gets hold of any of my customers email id and password he cannot compose a mail from a...@hotmail.com or p...@yahoo.com (ie any domain not on my server) and then use the the above customers email id and password for an smtp authenticated session and start sending out emails thru my server ie only the domains (email ids) on my server can smtp auth and send out emails. is my understanding correct ? thanks rajesh > 24x7ser...@24x7server.net wrote: >> hi >> >> i will clarify myself >> >> i had a customer abc.com with email id ; u...@abc.com >> >> his machine got compromised >> >> and all of a sudden i found thousands of emails with the from email id >> as >> anyth...@yahoo.com, anyth...@hotmail.com etc started going thru the >> server >> and was authenticating using : u...@abc.com. >> >> since the normal installation of qmail will check the auth information, >> find it correct, check the from email ids and find that hotmail.com is a >> valid domain, will allow smtp authenticated relay. >> >> so basically what i need is to put a restriction that for an >> authenticated >> smtp session only the domains on my server can send emails >> >> rajesh >> >> >> > > To control what you want, you need the eMPF patch. There's instructions > in the archives and the wiki on how to install it. > The patch will be in the next update of Qmailtoaster, due in 2 weeks. > It's incorporated in my CentQMT5 ISO now (version 1.2.0 or later) or you > can add it in yourself, or you can wait 2 weeks for the package to be > released on the website. > > > --------------------------------------------------------------------------------- > Managed Qmailtoaster servers are now available > Visit http://qmailtoaster.com/QMTManaged.html to order yours today! > > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > > To unsubscribe, e-mail: testing-unsubscr...@qmailtoaster.com > For additional commands, e-mail: testing-h...@qmailtoaster.com > > > --------------------------------------------------------------------------------- Managed Qmailtoaster servers are now available Visit http://qmailtoaster.com/QMTManaged.html to order yours today! Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: testing-unsubscr...@qmailtoaster.com For additional commands, e-mail: testing-h...@qmailtoaster.com
