Hey John,
Yep, that's what seems to be happening.
However, after checking the logs, the reason why other users at the same domain were getting email from [EMAIL PROTECTED] was because relay is on for mail sent within the same domain since both the sender and receiver are local.
So, unauthorized email isn't getting out at least! After I re-configured the SMTP.
If the mail is going to an account on the local machine, then the spammers aren't relaying at all... They are simply using a generic account name at the local domain as the return address.
The definition of mail relaying means that the mail would be relayed to another server.
Typically relay restrictions are not enforced when the recepient is a local account, because the mail isn't being relayed, it's being delivered to it's final destination.
/John
Rick Sanders wrote:
Hi Roland, Thanks for your reply. Unfortunately, it's a little more complicated than that. The people relaying off the server, are using the email address of the domain hosted on the server. So, the spammers are using [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>, and it's going through without authentication because 127.0.0.1 is in the privileged IP range. Of course, turning off the 127.0.0.1 stops un-authorized relaying, but also stops the Tango server from sending auto email. Unless the Tango server can send a username & password for authentication. We've blocked a huge list of IP's, but they're spoofing IP's off other Comcast & AT&T DSL customers. Fun, fun, fun!
Hold on. Something’s amiss in your mail server setup.
IF you have relay enabled from 127.0.0.1 AND you have a mail server on the same machine AND you have authentication turned on for outside IP addresses, the mail server should still be requiring authentication from outside people trying to use you as an open relay.
I have that setup (webstar) and can see the steady stream of attempted relays being blocked.
You can turn authentication off for your internal and trusted networks, including 127.0.0.1 and the IP address of your witango machine Authentication required for everyone else Use your firewall/router not not let in IP spoofers using 127. Or your server’s IP address
Then, when the spammer is sending messages trying to exploit the open relay, the mail server will reject because the IP address is the originating machine or server, not your own. If they are trying to spoof your Ip address, the mail won’t get in.
Check your detailed smtp log and you’ll see where your hole is.
On 11/1/04 10:34 AM, "Rick Sanders" <[EMAIL PROTECTED]> wrote:
I have a client who's having email relay problems.
Basically, people are relaying off his email server. He's turned off relay for local sender addresses, and enabled SMTP authentication.
However, he's had to let his local machine IP 127.0.0.1 for access to the mail server, because WiTango needs to send automatic email. However, because of this, anyone can still relay mail off the server.
The question:
Is it possible for the WiTango server to send a username & password to the mail server for outbound authentication? I know that WiTango can use a specific email address, but can it send a Username & password for authentication?
The server is version 2000 with SP2.
Thanks in advance,
Rick Sanders
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
----------------------------------------- Roland Dumas Roberts Information Services 310 W. Bellevue Avenue San Mateo CA 94402 650-347-1373 415-412-9300 (cell) [EMAIL PROTECTED] SMS: http://new.servqual.com/html/sms.tml
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
