Hi,
I have discussed this topic today with S�nke and we came to the conclusion that blocking local senders from external mailservers is indeed stupid. it was a bad idea. if one receives spam from a certain mailserver one will have to block it using spam-*.tab or blacklisting the mailserver at some rbl. This hasn't got anything to do with if the spammer uses a local addressee as sender-address or not. Mit freundlichem Gru� Henrik Steffen Gesch�ftsf�hrer top concepts Internetmarketing GmbH Am Steinkamp 7 - D-21684 Stade - Germany -------------------------------------------------------- http://www.topconcepts.com Tel. +49 4141 991230 mail: [EMAIL PROTECTED] Fax. +49 4141 991233 -------------------------------------------------------- 24h-Support Hotline: +49 1908 34697 (EUR 1.86/Min,topc) -------------------------------------------------------- System-Partner gesucht: http://www.franchise.city-map.de -------------------------------------------------------- Handelsregister: AG Stade HRB 5811 - UstId: DE 213645563 -------------------------------------------------------- ----- Original Message ----- From: "Andreas Hansson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 10, 2002 1:15 PM Subject: [xmail] Re: security hole, configuration error, or rfc compilance? > > > but i would prefer that xmail server forces smtp auth if the MAIL_FROM and > > RCPT are local and the same. > > > > the rcpt accout is local, so you can think we don't need auth, but the > > sender is also local, and so there xmail could force auth. > > I send lots of mail from other places using my work e-mail address as > from-address. When sending mail from home I use my home mail server to relay > mail out, i other cases I have to use ISP mail servers because of > firewalling. I often BCC my mails to my work e-mail so I get a copy of the > messages I sent there. > > To me, mail with the same sender and rcpt is completely normal and very > common, and they will have been routed through one or more other > mailservers. > > Even for mail that I don't BCC to myself, there's a fair chance that I'll > have CC'd one or more recipients in the same domain as myself and those > would also be covered by your required auth. > > If Davide ever implements this, it has to be a non-default option. > > Andreas > > > > > - > To unsubscribe from this list: send the line "unsubscribe xmail" in > the body of a message to [EMAIL PROTECTED] > For general help: send the line "help" in the body of a message to > [EMAIL PROTECTED] > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
