little off topic: Am I an open relay?

Steve Campbell campbell at cnpapers.com
Tue Jun 7 13:41:13 IST 2005 

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Beat,

Beat Jucker wrote:
>> I had a similar situation just last week. It had to do with some
>> kind of setup on a user's Thunderbird. A friend of this user told
>> him how to set up Thunderbird to act as a relay for a different
>> domain than ours, and for some reason, because it was being done
>> from our IPs, sendmail would go merrily along and send it, even
>> though it wasn't supposed to.
>
> In my opinion each domain (company) should take care that only well
> known mailservers in their domain should be able to take the role of
> a relay mailserver (eg controlled by firewall). This will prevent
> many virus/spam distributions

I agree, but this was happening on my outbound mailserver, so I couldn't
control it with the normal solution. This is the user's normal SMTP server,
it was set up to only relay for particular domains, but it still relayed for
this non-authorized domain. It was also receiving mail for this user in this
non-authorized domain. Somewhere, I have a feeling, that there is a setting
in my sendmail configuration that says relay for any IP in my IP range. I
don't understand the inbound part at all.

Any ideas how this may have been implemented?

Steve

>
> Regards
> -- Beat
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list