Ken Lin wrote:
Stefano:
Here is the actual scenario I try to prevent: Let's say I use james email server at corporation xyz.com. A hacker/email worm program telnet to SMTP port (inside or outside the corporate firewall), uses one of the employees' email address as "from" address (say [EMAIL PROTECTED]), and sends another employee an email. You can see how this is clearly dangerous because a hacker/email worm can impersonate anybody in corporation.
As my server is configured now, it will allow this attack because (a) IP-based authentication is unreliable at all because attacker or worm could be inside or outside corporate firewall
(b) SMTP authentication is not required because RCPT TO address contains
"@xyz.com"
I would like to disable all relaying if both conditions are true:
* The "from" address contains @xyz.com
* The sender is not authenticated.
How can I achieve this goal?
currently mail will be sent to the "transport" processor when ready to
be sent.
You should create a new "sendercheck" processor in the process.
<processor name="sendercheck">
<mailet match="SMTPAuthSuccessful" class="ToProcessor">
<processor>transport</processor>
</mailet>
<mailet match="SenderHostIs=xyz.com" class="ToProcessor">
<processor>error</processor> (you can change the ToProcessor to
something else, or change the processor to your needs).
</mailet>
<mailet match="All" class="ToProcessor">
<processor>transport</processor>
</mailet>
</processor>
Then you change the current calls to processor "transport" to calls to
the "sendercheck" processor.
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
