On Fri, 31 Oct 2003 16:11:24 +0100
Erik Dörnbach <[EMAIL PROTECTED]> wrote:

> ...there are some guys using our server against us,
> by simply opening an smtp connection to us, pretending to be
> "[EMAIL PROTECTED]" and sending mail to "[EMAIL PROTECTED]" - sendmail
> doesn't see this as a relay or abuse by default.

Well, it's not a relay, period. Your receiving mail for your domain, not
passing mail from one MTA to a different one. 

> How can I make sure the only hosts allowed to send in the name of
> "aaa.com" belong to a certain network/IP range? Guess I missed out a
> feature or something? 

Not as far as I'm aware. That's just SMTP - MTA's don't have any way of
verifying a from address. You could, if you're sufficiently motivated,
probably set up something with Milter that would drop messages from
aaa.com that don't belong to a certain IP range. But I don't really see
the point. Someone could still spoof the aaa.com from address on other
MTA's, or could just connect to yours and spoof a from address from some
other domain. AFAIK, the only point of doing what these guys are doing
is getting past a spam filter that whitelists aaa.com.

Also, see the link below as to why this is not a good idea.

> Also how can I avoid having mail with empty
> sender addresses entering the queue?

You don't. See the following for answers to that, as well as some of
what you asked above:


Todd Pytel

Signature attached
PGP Key ID 77B1C00C

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to