Thank you, KAM. I will take a look at those URLs, appreciated.
John, that is what I am looking to do and that is why I thought that SA could have a rule for this. I will read the info that KAM sent. Best Regards, Sergio On Thu, Aug 16, 2012 at 2:22 PM, John Hardin <jhar...@impsec.org> wrote: > On Thu, 16 Aug 2012, Sergio wrote: > > My server is not Open Relayed and it has SPF and DOMAINKEYS in it and >> that is working great. The problem is when a hacker has obtained the >> password from an account, so, it can send emails authenticating with the >> account that has been compromised. When a hacker has access to an account >> (I am almost sure that any one on the list has seen this), he sends emails >> but the FROM is changed to something that is not a domain on the server, >> that is what I am looking to stop. >> > > That is indeed considered a subcase of open relay. There should be a list > of domains that control whether mail is accepted by an MTA, such that > ({domain in list} -> {any}) is accepted, and {{any} -> {domain in list}) is > accepted, and anything else is rejected. > > > -- > John Hardin KA7OHZ > http://www.impsec.org/~**jhardin/<http://www.impsec.org/%7Ejhardin/> > jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org > key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 > ------------------------------**------------------------------** > ----------- > An operating system design that requires a system reboot in order to > install a document viewing utility does not earn my respect. > ------------------------------**------------------------------** > ----------- > 8 days until the 1933rd anniversary of the destruction of Pompeii >