The panorama looks like this:
I have 2 Imail Servers with Relay Settings as "Relay mail for Addresses" and SMTP AUTH in both servers. The IP address of each server is allowed at the other server IP Table. So, this weekend (After more than 3 years with this config and never been an openrelay) , i started receiving a lot of OPENRELAY emails from a lot of places.
You've actually been an open relay for quite some time:
06:24 08:19 SMTPD(2DFC00BE) [62.242.0.190] RCPT TO:<@geo.net.co:[EMAIL PROTECTED]>
So, what i see is that he tries to send the email through my other server (geo.net.co) and cause geo.net.co has 200.69.97.12 in his IP Relay table, it sends the imail.
Exactly. The problem is that both servers allow the other server to relay, without any restrictions. So if someone sends E-mail to one of the two servers, and can relay it to the other, the E-mail will go out.
So how to prevent this ?
If you are already running Declude JunkMail, you can use the "PERCENT" test, which will catch this type of relaying.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
