thks for the mailscanner tool

[Dhawal Doshy]

Martin Hepworth wrote:
> vinay poojary wrote:
>> Dear Sir,
>>  
>> I am using mailscanner with sendmail.The sendmail is installed with 
>> smtp-auth .I have no such problems with mailscanner .I am just 
>> enjoying the mailscanner configuration .
>>  
>> But presently i am facing the problem of addres spoofing .The people 
>> in my own company can change the from address and send mail to anyone 
>> via smtp auth .Is there any way i could stop these address spoofing .
>>  
>> Thks in advance .
>>  
>> Regards,
>> vinay poojary
> 
> Vinay
> 
> 1st point of call on this is a proper Acceptable Use Policy. If they use 
> business computers for non-work things, they go the normal disciplinary 
> procedures, or even straight to dismissal under gross misconduct. (never 
> under estimate the power of HR policy!).

i agree that this can taken up at a different level (read as catbert), i 
also think that poor passwords are also responsible for sender spoofing. 
We had a case a year back, where a "secure" SMTP server was used for UBE 
(via a korean IP), using authentication that was quite easy to guess 
(password = username). Now we now enforce stricter passwords ;-)

- dhawal