From: Jochem van Dieten
Date: Sat, 25 Sep 2004 02:11:20 +0200
> That is no protection against relaying, there is a reason why all
> the standard relay tests use addresses from a local domain.
> Everybody can fake an email address (isn't that what you are
> doing yourself?).
No, we're using a real address. The mail server is set to require a
real account (which is why the from address is
"[EMAIL PROTECTED]" - that's a real account). Of course,
that doesn't prevent spammers from trying to use our domain with that
e-mail address (which is probably a pretty common account name).
> Fix your mailserver, it is easier.
For now, the mail server isn't under out control. I've only recently
joined the company, but aparently the relay setting is a fairly recent
one. In the next two months, we're changing hosts and to a dedicated
hosting solution (where we'll have more control). From what I
understand, our current settings are much like any other "prevent
relay" settings that I'm aware of, where the from addresses have to be
actual accounts.
Based on what you've said, my guess is that MS Exchange is the
culprit. For now, we can put a message in each e-mail saying
something like, "If replying, please make sure the To: address is
"[EMAIL PROTECTED]". When we have more control over the mail
servers, we can look into requiring authentication (we're on CF 5 and
are transitioning to MX 6.1 with the new host, so authentication is an
option).
Thanks!
Scott
--
-----------------------------------------
Scott Brady
http://www.scottbrady.net/
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
