Yeah, I have that set up now.
I have 2 class c's. For example 192.168.172.0 with 255.255.255.0 as the
subnet and 192.168.173.0 and a 255.255.255.0 subnet. Now this is setup in
Mail relay Options/Relay Mail for (addresses). And these are considerered
local addresses for mail gatewaying.
Yes, I have verified through the imail log that is indeed still being
spoofed somehow from the outside. MAkin imail think it is internal. So my
imail server doesnt even make them authenticate. It just sends without
asking. What I have done so far to stop it, is block the IP's thats its
coming from in (Control Access) But then the next night, I get more spam
from MY VIRTUAL HOST (from other mail servers). There are 3 users on my
virtual host, me, my wife, and my partner, and I know they arent doing it.
nor is my wife in .jp making those atttempts.. :)
It's like I'm on some list saying this ISP is using IMAIL, and hey, thats
easy to hack lets get this guy for while.
I dont get it.
And yes, I see weirded out froms like this.
RCPT TO:<@mail.redrosecookies.com:[EMAIL PROTECTED]>
That paticular one failed. But the ones that have succeeded going through
were very similiar.
Plus I am a web hosting company, so I have to make my customer AUTH anyway.
They dont dial up into me.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Len Conrad
Sent: Tuesday, February 22, 2000 6:51 PM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] I am getting killed by spammers relaying onmy
servers.
Scott,
Switch to "relay for addresses" and put in there all your Class C or
subnets. That should stop the relaying, if it's really relaying.
Have you verified in the Imail log that the relaying is happening vs
somebody in your user base originating the spam?
You have a choice: continue your unsuccessful approaches and get blackhole
pissing you and all your users off, or go to "relay for addresses", have
users complain because they have to use SMTP AUTH when calling in not on
your ip's, but keep your self out of the blackhole.
Len
==========
>I have several options selected
>
>
>smtp security
>relay mail for internal addresses only (on my network)
>allow remote mail to local groups is checked.
>check valid sender is checked
>aut deny possible hack attempts is checked.
>disable smtp vrfy command is checked.
>
>people are still able to relay mail from my server without authenticating.
>Im about 1 day away from my UPPER ISP providor filtering mail to my servers
>cause I cant stop the spam! I have even denied access to the offenders
>causing the spam, and emailed the proper authorites. But new spam servers
>pop up everyday relaying through my secured smtp server (secured hah)
>
>
>Ive been at this for 5 days. Can I get any suggestions??
>
>
>
>
>Please visit http://www.ipswitch.com/support/mailing-lists.html
>to be removed from this list.
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
