On Thu, 16 Aug 2012, Sergio wrote:
My server is not Open Relayed and it has SPF and DOMAINKEYS in it and that is working great. The problem is when a hacker has obtained the password from an account, so, it can send emails authenticating with the account that has been compromised. When a hacker has access to an account (I am almost sure that any one on the list has seen this), he sends emails but the FROM is changed to something that is not a domain on the server, that is what I am looking to stop.
That is indeed considered a subcase of open relay. There should be a list of domains that control whether mail is accepted by an MTA, such that ({domain in list} -> {any}) is accepted, and {{any} -> {domain in list}) is accepted, and anything else is rejected.
-- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- An operating system design that requires a system reboot in order to install a document viewing utility does not earn my respect. ----------------------------------------------------------------------- 8 days until the 1933rd anniversary of the destruction of Pompeii
