We had a similar problem, with some spammer relaying through our sever, despite the 'Relay for IP' setting. We had to switch to the 'No Relay' setting for some time. We assumed the relay was happening due to some 'formmail' exploit. The possibilty of "spoofing" sounds scary. Is there something like that, and if yes, how does one prevent oneself from it?
At 12:17 AM 8/26/03 -0400, you wrote:
> Last thing we have saw in our server -we manage Relay for Addreses > plus SMTP authentication- is that spammers are now spoofing the IP > addresses. They somehow manage to know what addresses are connecting > to our server and then start to spoof the address to make the server > believe that it is from an address that can relay.
I have to ask you what hard evidence you have that spammers are connecting from a spoofed (rather than owned) IP address. Remember that NAT is a mighty tool of the the hacker-spammer.
-Sandy
------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/