Grischa Schuering wrote:
> I don't know if this matter was talked about before, but I have a concrete
> problem with SPAM, sent via my sendmail server.
>
> As I know, all newer sendmail distributions are configured automatically
> with anti-spam rules. One rule that I know of is, that either source or
> destination email address has to be local.
>
> Now the person, that is using my server for spam mail, uses an email account
> that exists almost on all unix systems, [EMAIL PROTECTED] ANd my server
> relays that mail, because the user root exists on the server.
No. Sendmail will not relay mail based upon the sender address.
If you are using 8.9.*, then your sendmail.cf has been built with
bogus options (e.g. FEATURE(promiscuous_relay)).
> Do you know of a secure config for sendmail that this does not happen?
>
> The only thing I can think of is, configuring the server to just accept smpt
> connections from a list of ips. But this would mean, that customers using
> dynamically assigned ip address (e.g. aol, compusere and so on) can't send
> emails, when the ip address changes.. THat shouldn't be a pratically useful
> solutions.
If you don't accept SMTP connections, then you aren't going to be able
to receive mail.
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
