At 03:31 AM 23/11/2006, Stephen Warren wrote:
> >
> > I realised that the sender was me and the recipient was me and bugger.  The
> > From however was not!
>
>The "canonical" solution to this is to configure your mail server to
>reject all email purporting to be sent *from* your domain name except
>from a specific set of hosts (e.g. your local LAN, your separate
>inbound/outbound mail servers etc.)

I used to do just that.  And in fact sendmail still does just that.  (It's a 
pita when I'm on a wireless network in the city or overseas and have to 
SSH in first to allow myself access!)

However sendmail doesn't check the return path on inbound mail, and even if 
it did, the obvious issues arise.

>Then, you setup authenticated SMTP, and allow *authenticated* users to
>send mail *from* your domain. Reconfigure your mail clients to use SMTP
>authentication, and you're set.

Yes, I suspect this is where I'm going.  Which is also a pita because I 
have a large volume of users.

15 years ago the idea of restricting access to a server was almost unheard 
of.  Today giving access to any service on a service is almost a crime!

>Typically, authenticated SMTP is run over SSL on a separate port to
>regular inbound SMTP from "anonymous" remote sites.

Herein again is the issue.  The FROM address is not from me, it's 
random.  It's the return path that is an issue.

>This also solves the problem of taking your laptop somewhere and needing
>to find the local ISP's outbound SMTP server - instead, simply use your own.

Oh I always use my own :)


_____________________________________________
tmda-users mailing list (tmda-users@tmda.net)
http://tmda.net/lists/listinfo/tmda-users
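
The policy discussed in this thread, sketched as an added example that is not part of the original messages and not sendmail or TMDA code. It checks the envelope sender (the return path) as well as the From: header, since the message described above had a local return path and a random From:. The domain, network range, function names and sample message are assumptions made for illustration.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

LOCAL_DOMAIN = "example.org"                            # assumed local domain
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # assumed LAN / relay hosts

# Constructed sample: random From: header, delivered to a local user.
SAMPLE = (
    "From: random@elsewhere.invalid\n"
    "To: me@example.org\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

def domain_of(addr):
    """Return the lower-cased domain part of an address, or '' if none."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def check_submission(client_ip, authenticated, mail_from, raw_message):
    """Decide whether to accept a message that may claim a local sender.

    mail_from is the SMTP envelope sender (it becomes the Return-Path);
    the From: header is read from the message itself. Either one can
    carry the local domain, so both are checked.
    """
    ip = ipaddress.ip_address(client_ip)
    if authenticated or any(ip in net for net in TRUSTED_NETS):
        return "accept", "trusted host or authenticated user"
    if domain_of(mail_from) == LOCAL_DOMAIN:
        return "reject", "envelope sender claims local domain"
    header_from = message_from_string(raw_message).get("From", "")
    if domain_of(header_from) == LOCAL_DOMAIN:
        return "reject", "From: header claims local domain"
    return "accept", "no local-domain claim"

if __name__ == "__main__":
    # The case from the thread: remote, unauthenticated client, local
    # return path, random From:. A From:-only check would let it through.
    print(check_submission("203.0.113.9", False, "me@example.org", SAMPLE))
    # The same message from an authenticated user on a remote network.
    print(check_submission("203.0.113.9", True, "me@example.org", SAMPLE))
```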
