I just discovered a phenomenon that is probably familiar to many of you:
the fact that spammers (or viruses) can relay through my server because of
its accepted domains (domains at which my server hosts pop accounts), simply
by forging a bad address at one of the accepted domains and allowing the
resulting bounce to deliver their content to the specified "from" address,
via the bounce message.
It seems to me that an obvious way to deal with this would be to simply not
accept entire domains (except for domains that require full wildcard
delivery) but only accept delivery to specific legitimate addresses for
which either POP accounts or forwards exist.
I understand that this means checking against a larger list but my list of
legitimate email addresses is probably less than 5 times the size of
legitimate domains so I think this would not be a problem, especially since
in my case this is a total of less than 100 email addresses. I would also
guess that if I were using MySQL beyind vpopmail instead of just text files
that this would be even less of a problem, and that I could make this
upgrade in the future if SMTP server performance became an issue. Besides
if I had this protection in place, the mail throughput of my server could
probably be reduced by a factor of 2, if not much more at times.
I am using qmail + vpopmail5.3.12 for both POP and SMTP purposes.
As far as I know no such mechanism as I am describing exists. Is there a
way to do this?
Thanks for any suggestions.