At 02:10 PM 1/3/02 -0500, R. Scott Perry wrote: >See above; your current settings allow spammers to send mail through your server.<<
Sorry, but THAT is NOT what happened. In some way the outside spammer was able to gain access and make it appear that they were sending from within the server (127.0.0.1) and iMail said "OK". In one instance that I found in the log it appeared the relay failed but still it was queued and sent. This was not a case of someone coming in faking a known user e-mail address (ie. Local User). This was apparently NOT done from a form-mail.pl or similar application as we have none of these on the server. We DID get caught several months ago with the CodeRed virus and cleaned it up quickly (we thought). All security patches are in place, but I am wondering if something was still open from that episode. >It (sending from an alias) would HAVE to be blocked -- IMail can't match a password to an account that doesn't exist. That makes sense. We have already converted all of the first client's aliases to regular users with forwarding, and then we discovered another client with the same problem. The claim was first made that "it worked last month - what did YOU change". I looked in the log and it had failed last month too, they just never said anything. Orin R. Wells AWASCO, Inc. P. O. Box 5427 Kent, WA 98064-5427 (253) 630-5296 email: [EMAIL PROTECTED] Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
