Right-o, Sebastian. :) Boris, once you have all your users authenticating, you'll want to *blacklist* your local domains. This will block emails where the senders are faked with your domain.
-- -Eric 'shubes' Sebastian Grewe wrote: > That would still require your clients to actually enable SMTP > authentication on their end to do the process of authentication. They > have to send the username and password and once approved they are > allowed to send. > > On Thu, 2010-05-20 at 19:58 +0200, Boris Hinzer wrote: >> We are running standard Plesk qmail and also have SMTP auth enabled. >> >> >> Am 20.05.2010 um 19:40 schrieb Eric Shubert <[email protected]>: >> >>> I believe Sebastian's right. Greylisting won't come into play if the >>> sender is authenticating successfully. Your problem is that >>> authentication isn't happening, for whatever reason. >>> >>> In order to track down the problem, we need to know a bit more about >>> your configuration. Are you using any particular 'flavor' of qmail? >>> >>> In your client configuration, there should be a "server requires >>> authentication" or "use username and password" setting of some sort >>> (varies by client program). Be sure that's checked. >>> >>> -- >>> -Eric 'shubes' >>> >>> Sebastian Grewe wrote: >>>> Hey, >>>> >>>> I think there is an issue somewhere else. We are using SMTP Auth on >>>> Qmail Level and it works fine with Greylisting. Users are not being >>>> rejected when sending mail through the servers after SMTP >>>> authentication. >>>> >>>> I have no experience with Spamdyke doing the authentication. But make >>>> sure the users are actually doing the authentication process. >>>> >>>> Cheers, >>>> Sebastian >>>> >>>> On Thu, 2010-05-20 at 19:03 +0200, Boris Hinzer wrote: >>>>> Am 20.05.2010 um 18:15 schrieb Eric Shubert <[email protected]>: >>>>> >>>>>> Boris Hinzer wrote: >>>>>>> Hello, >>>>>>> >>>>>>> can anybody verify this behavior? >>>>>>> We are facing the situation, that if we whiteliste local >>>>>>> emailadresse the smtp auth is completely skipped. >>>>>>> Server is then acting like an open relay for these mailaddresses. >>>>>>> >>>>>>> In spamdyke.conf we have the following: >>>>>>> smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true / >>>>>>> var/ >>>>>>> qmail/bin/cmd5checkpw /bin/true >>>>>>> smtp-auth-level=ondemand-encrypted >>>>>>> >>>>>>> Best regards, >>>>>>> >>>>>>> Boris >>>>>> I can't verify, but this is the behavior I would expect. If >>>>>> something is >>>>>> whitelisted, all filters are bypassed. Likewise if a session is >>>>>> authenticated. Whitelisting can be dangerous, especially >>>>>> whitelisting >>>>>> your own domain(s). Whitelisting is intended more for getting >>>>>> around >>>>>> trusted mail servers that are misconfigured (rDNS issues >>>>>> typically). >>>>>> >>>>>> If your local users all authenticate (which they should), you can >>>>>> *blacklist* your local domains, which effectively blocks spam which >>>>>> spoofs/forges your domains. This is counter intuitive, but since >>>>>> your >>>>>> users authenticate, they will not be affected by the blacklist. >>>>>> >>>>>> What circumstance lead you to whitelist your local domain in the >>>>>> first >>>>>> place? Difficulty authenticating? >>>>>> >>>>>> -- >>>>>> -Eric 'shubes' >>>>>> >>>>>> _______________________________________________ >>>>>> spamdyke-users mailing list >>>>>> [email protected] >>>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>> Actually if we don't whitelist our local users they also run into >>>>> greylisting process. This leads to very annoying messages in >>>>> Outlook, >>>>> which our users don't understand. >>>>> >>>>> At the moment we removed senders from whitelist and started an ip >>>>> based whitelist, which is IMHO second best solution (thinking of >>>>> cell >>>>> phones, ipad, etc.). >>>>> >>>>> We are also facing the fact that mails where senders are faked and >>>>> equal to receivers are getting through. >>>>> >>>>> Best regards, >>>>> >>>>> Boris >>>>> _______________________________________________ >>>>> spamdyke-users mailing list >>>>> [email protected] >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
