>However, it seems you are saying that the backup server should not be
>listed in the addresses acl of the first server. I suppose that might
>be possible as a corrective measure in certain situations but surely
>not all. The fact is that if anyone has this configuration now it is
>possible to relay mail without authentication. Or at least it seems
>to be the case to me.
I had been convinced that this was a bug in IMail, until I saw Eric's post.
What is happening is:
[1] The gateway server accepts the E-mail to
[EMAIL PROTECTED]
[2] The gateway server turns the address into
"[EMAIL PROTECTED]". Although I believe the old % method is
deprecated in RFC2821, and it would be nice if IMail had a way to turn it
off, it is probably still a valid format.
[3] The gateway server sends the E-mail as "[EMAIL PROTECTED]" to the
internal IMail server.
Then, the internal IMail server will do one of two things:
[1] If it is set up to allow relaying from the gateway server, it will
relay the E-mail (bad).
[2] If it is set up not to allow relaying from the gateway server, the
E-mail will get bounced (good).
So, the gateway should be set up exactly as described. However, the
internal IMail server should be set up NOT to relay mail for the gateway
(there is no reason it should). If the internal IMail server is set up not
to relay for the gateway, all will work fine.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked
questions: http://www.ipswitch.com/support/IMail/
