Thank you, KAM.
I will take a look at those URLs, appreciated.
John, that is what I am looking to do and that is why I thought that SA
could have a rule for this. I will read the info that KAM sent.
Best Regards,
Sergio
On Thu, Aug 16, 2012 at 2:22 PM, John Hardin <jhar...@impsec.org> wrote:
> On Thu, 16 Aug 2012, Sergio wrote:
>
> My server is not Open Relayed and it has SPF and DOMAINKEYS in it and
>> that is working great. The problem is when a hacker has obtained the
>> password from an account, so, it can send emails authenticating with the
>> account that has been compromised. When a hacker has access to an account
>> (I am almost sure that any one on the list has seen this), he sends emails
>> but the FROM is changed to something that is not a domain on the server,
>> that is what I am looking to stop.
>>
>
> That is indeed considered a subcase of open relay. There should be a list
> of domains that control whether mail is accepted by an MTA, such that
> ({domain in list} -> {any}) is accepted, and {{any} -> {domain in list}) is
> accepted, and anything else is rejected.
>
>
> --
> John Hardin KA7OHZ
> http://www.impsec.org/~**jhardin/<http://www.impsec.org/%7Ejhardin/>
> jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> ------------------------------**------------------------------**
> -----------
> An operating system design that requires a system reboot in order to
> install a document viewing utility does not earn my respect.
> ------------------------------**------------------------------**
> -----------
> 8 days until the 1933rd anniversary of the destruction of Pompeii
>
