> -----Original Message----- > From: Tom [mailto:[EMAIL PROTECTED]]
> Perhaps I'm just tired, I can't see how to set SMTP to be more > secure. That is, if it's based on relay for local users only, > someone can just logon via telnet or whatever and use an account > name to send spam. Maybe I missed some setting, I though I read > somewhere that there was an option to verify the user or force > them to provide a password to send a message through the system. "Relay for local..." is open to abuse if a spammer knows an email address on your server. Since you're pretty likely to have one or more of "root@", "postmaster@", "abuse@", "administrator@", etc., it wouldn't take very long at all to guess an address to put in the "From:" header that would allow relaying. You're looking for SMTP AUTH. With that set, you may not need to allow relaying at all. http://www.ipswitch.com/support/IMail/guide/imailug7/security4.html http://support.ipswitch.com/kb/IM-19980116-JB02.htm -- Dave Salovesh RAM Associates, Inc. (800) 543-3635 Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
