I understand what is going on, but this SHOULDN’T, unless you’ve left a door open.
I suspect you have authentication off for your whole domain, rather than turn it off for a handful of trusted IPs
When they send something through [EMAIL PROTECTED] and are sending it from an outside address, they should be challenged for user/pass, unless you’ve left an unnecessarily wide hole open by allowing relaying from anyone at your_domain.com.
Your mail server is going to see the originating IP as 127.0.0.1 ONLY for clients actually on the same machine, namely witango. For every other message, it will see the sender’s IP as the IP of that originating client, not the domain that it claims to be from.
On 11/1/04 12:19 PM, "Rick Sanders" <[EMAIL PROTECTED]> wrote:
Hi Roland,
Thanks for your reply. Unfortunately, it's a little more complicated than that.
The people relaying off the server, are using the email address of the domain hosted on the server
So, the spammers are using [EMAIL PROTECTED], and it's going through without authentication because 127.0.0.1 is in the privileged IP range.
The IP of that message is NOT 127.0.0.1, but the IP of the originating client.
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
