Outgoing mail
Ugo Bellavance
ugob at CAMO-ROUTE.COM
Mon Dec 22 17:57:52 GMT 2003
> Mike answered with this...
>
> --On Monday, December 22, 2003 9:55 am -0600 Mike Kercher
> <mike at CAMAROSS.NET> wrote:
>
> > You need to use a ruleset for this:
> >
> > From: *@yourdomain.org no
> > FromTo: default yes
>
> ...but in a previous message explained that MailScanner does
> its checks
> using:
> * the SMTP "MAIL FROM" details
> * the SMTP "RCPT TO" details
> * the IP address of the transmitting server
>
> So doesn't this man that an entry of the form
>
> From: *@yourdomain.org no
>
> is a little unsafe? In particular if the message is arriving from an
> offsite machine which has forged the MAIL FROM envelope
> information to be
> an address within your domain ("xxx at yourdomain.org") then the
> above rule
> means it won't get scanned for viruses or spamminess? Wouldn't it be
> better to use a rule to skip the scan only if the IP address
> of the sending
> server is within your netblock of machines?
If you can use IP add, do so. It is in fact more secure.
>
> Festive Cheers,
>
> Mike B-)
>
> --
> The Computing Service, University of York, Heslington, York
> Yo10 5DD, UK
> Tel:+44-1904-433811 FAX:+44-1904-433740
>
> * Unsolicited commercial e-mail is NOT welcome at this e-mail
> address. *
>
More information about the MailScanner
mailing list