Re: [qmailtoaster] Re: Restrict my server as Smart Host

2010-08-16 Thread Amit Dalia 
Hi Jake,

I saw the old archives but didn't find solution. I mean it was just
discussed but with no conclusion. Or may be I'm expecting some other
conclusion.

Regards,

Amit

At Monday, 16-08-2010 on 20:16 Jake Vickers wrote:

On 08/16/2010 10:32 AM, Amit Dalia wrote: 

Hi Jake,

1) If you do not wish someone to send email through your system, you
will need to disable their account?
>> I only want user to send mail from my server if From Email id and
authentication email id are same. If they are different the mail
should not be allow to transfer.
Ex. If sender is j...@qmailtoaster.com [1] which is using my server
for relaying mail by authenticating with username a...@ikf.co.in and
my password, then this should not happen. 

2) Does your tcp.smtp allow IP ranges to relay?
>> No.

1 - this is the way email works. People can have any reply-to/from
address.
Look in the archives,  this has been discussed already.
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/



Links:
--
[1] http://webmail.ikf.co.in/webmail/index.php#

Re: [qmailtoaster] Re: Restrict my server as Smart Host

2010-08-16 Thread Jake Vickers 

 On 08/16/2010 10:32 AM, Amit Dalia wrote:

Hi Jake,

1) If you do not wish someone to send email through your system, you 
will need to disable their account?
>> I only want user to send mail from my server if From Email id and 
authentication email id are same. If they are different the mail 
should not be allow to transfer.
Ex. If sender is j...@qmailtoaster.com 
 which is using my server 
for relaying mail by authenticating with username a...@ikf.co.in and 
my password, then this should not happen.


2) Does your tcp.smtp allow IP ranges to relay?
>> No.


1 - this is the way email works. People can have any reply-to/from address.
Look in the archives,  this has been discussed already. 
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/

Re: [qmailtoaster] Re: Restrict my server as Smart Host

2010-08-16 Thread Amit Dalia 
Hi Jake,

1) If you do not wish someone to send email through your system, you
will need to disable their account?
>> I only want user to send mail from my server if From Email id and
authentication email id are same. If they are different the mail
should not be allow to transfer.
Ex. If sender is j...@qmailtoaster.com [1] which is using my server
for relaying mail by authenticating with username a...@ikf.co.in and
my password, then this should not happen. 

2) Does your tcp.smtp allow IP ranges to relay?
>> No.

Regards,

Amit

At Monday, 16-08-2010 on 19:25 Jake Vickers wrote:

On 08/15/2010 02:20 AM, Amit Dalia wrote: 

Yes I have since evidences thats why I'm looking for solution.

Amit

At Sunday, 15-08-2010 on 5:30 Eric Shubert wrote:

Have you seen evidence of such, or are you speculating?
-- 
-Eric 'shubes'

Amit Dalia wrote:
> This might be the bad solution but my basic concern is that I don't
want 
> any other email id or any other email server should be able to send
mail 
> by just using my server as Smart Host.
> For example: right now from current QMT configuration any email id 
> assume a...@xyz.com can send mail from my server by using my server 
> anyone email id as Smart Host to relay mail.
> My concern is how do I stop a...@xyz.com to send mail from my server
if 
> a...@xyz.com doesnot exist on my QMT server.
> 
> Amit
> 
> At Saturday, 14-08-2010 on 21:40 Eric Shubert wrote:
> 
> I don't know of a way to do this with QMT (which isn't to say it
can't
> be done).
> 
> I understand your concern, but this restriction doesn't sit well
with
> me. I think it's a bad solution to the problem you're trying to
> address.
> I think it would be better to change compromised passwords. Also be
> sure
> that SSL/TLS is always used with client configurations for smtp,
pop3
> and imap.
> 
> -- 
> -Eric 'shubes'
> 
> Amit Dalia wrote:
> > Hi Eric,
> >
> > I don't think so eMPF can do this. Basically it should not allow
> other
> > user to send mail or it should do some thing like google smart
> host i.e.
> > from id in headers should automatically replace by authenticated
> email
> > id while delivering mail to reciepient.
> > If this patch is done then it can be helpful to stop spammers who
> are
> > sending mail with compromise username and password.
> >
> > Regards,
> >
> > Amit
> >
> > At Saturday, 14-08-2010 on 21:18 Eric Shubert wrote:
> >
> > Amit Dalia wrote:
> > > Hi Everyone,
> > >
> > > How do I restrict use of my server as a Smart Host? I don't
> want any
> > > other domain which is not hosted on my QMT server should able
to
> > send
> > > mail using authentication from my QMT i.e. From Email Id and
> > > Authentication Email Id should be same. And if both are
different
> > then
> > > it should not allow to relay the mail.
> > >
> > > Regards,
> > >
> > > Amit
> >
> > I don't know off hand. Is there an eMPF policy that can handle
this?
> >
> > --
> > -Eric 'shubes'
> >

Search the archives - there have been some solutions to what you are
looking to do.
If you do not wish someone to send email through your system, you
will need to disable their account. Does your tcp.smtp allow IP ranges
to relay?



Links:
--
[1] http://webmail.ikf.co.in/webmail/index.php#

Re: [qmailtoaster] Re: Restrict my server as Smart Host

2010-08-16 Thread Jake Vickers 

 On 08/15/2010 02:20 AM, Amit Dalia wrote:

Yes I have since evidences thats why I'm looking for solution.

Amit

At Sunday, 15-08-2010 on 5:30 Eric Shubert wrote:

Have you seen evidence of such, or are you speculating?
-- 
-Eric 'shubes'


Amit Dalia wrote:
> This might be the bad solution but my basic concern is that I
don't want
> any other email id or any other email server should be able to
send mail
> by just using my server as Smart Host.
> For example: right now from current QMT configuration any email id
> assume a...@xyz.com can send mail from my server by using my server
> anyone email id as Smart Host to relay mail.
> My concern is how do I stop a...@xyz.com to send mail from my
server if
> a...@xyz.com doesnot exist on my QMT server.
>
> Amit
>
> At Saturday, 14-08-2010 on 21:40 Eric Shubert wrote:
>
> I don't know of a way to do this with QMT (which isn't to say it
can't
> be done).
>
> I understand your concern, but this restriction doesn't sit well
with
> me. I think it's a bad solution to the problem you're trying to
> address.
> I think it would be better to change compromised passwords. Also be
> sure
> that SSL/TLS is always used with client configurations for smtp,
pop3
> and imap.
>
> --
> -Eric 'shubes'
>
> Amit Dalia wrote:
> > Hi Eric,
> >
> > I don't think so eMPF can do this. Basically it should not allow
> other
> > user to send mail or it should do some thing like google smart
> host i.e.
> > from id in headers should automatically replace by authenticated
> email
> > id while delivering mail to reciepient.
> > If this patch is done then it can be helpful to stop spammers who
> are
> > sending mail with compromise username and password.
> >
> > Regards,
> >
> > Amit
> >
> > At Saturday, 14-08-2010 on 21:18 Eric Shubert wrote:
> >
> > Amit Dalia wrote:
> > > Hi Everyone,
> > >
> > > How do I restrict use of my server as a Smart Host? I don't
> want any
> > > other domain which is not hosted on my QMT server should able to
> > send
> > > mail using authentication from my QMT i.e. From Email Id and
> > > Authentication Email Id should be same. And if both are
different
> > then
> > > it should not allow to relay the mail.
> > >
> > > Regards,
> > >
> > > Amit
> >
> > I don't know off hand. Is there an eMPF policy that can handle
this?
> >
> > --
> > -Eric 'shubes'
> >




Search the archives - there have been some solutions to what you are 
looking to do.
If you do not wish someone to send email through your system, you will 
need to disable their account. Does your tcp.smtp allow IP ranges to relay?