I just discovered a phenomenon that is probably familiar to many of you:
the fact that spammers (or viruses) can relay through my server because of
its accepted domains (domains at which my server hosts pop accounts), simply
by forging a bad address at one of the accepted domains and allowing the
resulting bounce to deliver their content to the specified "from" address,
via the bounce message.

It seems to me that an obvious way to deal with this would be to simply not
accept entire domains (except for domains that require full wildcard
delivery) but only accept delivery to specific legitimate addresses for
which either POP accounts or forwards exist.

I understand that this means checking against a larger list but my list of
legitimate email addresses is probably less than 5 times the size of
legitimate domains so I think this would not be a problem, especially since
in my case this is a total of less than 100 email addresses.  I would also
guess that if I were using MySQL behind vpopmail instead of just text files
that this would be even less of a problem, and that I could make this
upgrade in the future if SMTP server performance became an issue.  Besides
if I had this protection in place, the mail throughput of my server could
probably be reduced by a factor of 2, if not much more at times.

I am using qmail + vpopmail 5.3.12 for both POP and SMTP purposes.

As far as I know no such mechanism as I am describing exists.  Is there a
way to do this?

Thanks for any suggestions.

-Kurt Bigler
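
The per-address check proposed above, sketched as an added example that is not part of the original post and is not qmail or vpopmail code: it decides the reply to each RCPT TO and compares how many bounces the server would send under domain-wide acceptance versus per-address acceptance. All domains, addresses and function names are constructed for illustration.

```python
# Added illustration; all domains and addresses below are constructed samples.
LOCAL_DOMAINS = {"example.org", "example.net", "catchall.example"}
WILDCARD_DOMAINS = {"catchall.example"}  # domains that need full wildcard delivery
VALID_ADDRESSES = {"kurt@example.org", "sales@example.org", "info@example.net"}

ATTEMPTS = [  # constructed (envelope sender, recipient) pairs
    ("victim@target.example", "<nosuchuser@example.org>"),
    ("friend@elsewhere.example", "<Kurt@Example.org>"),
    ("victim2@target.example", "<anything@catchall.example>"),
    ("victim3@target.example", "<x9f3@example.net>"),
]


def parse_rcpt(raw):
    """Return (local, domain) from a RCPT TO argument, or None if malformed."""
    addr = raw.strip().strip("<>").lower()  # assumption: mailboxes are case-insensitive
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain or " " in addr:
        return None
    return local, domain


def rcpt_decision(raw):
    """Decide the SMTP reply for one RCPT TO, before any message data is accepted."""
    parsed = parse_rcpt(raw)
    if parsed is None:
        return 501, "5.1.3 bad recipient address syntax"
    local, domain = parsed
    if domain not in LOCAL_DOMAINS:
        return 550, "5.7.1 relaying denied"
    if domain in WILDCARD_DOMAINS or f"{local}@{domain}" in VALID_ADDRESSES:
        return 250, "2.1.5 recipient ok"
    # Refused during the SMTP dialogue: this server never queues the message,
    # so it never sends a bounce to the (possibly forged) envelope sender.
    return 550, "5.1.1 no such mailbox"


def bounces_sent(attempts, per_address_check):
    """Return the envelope senders this server would send a bounce to."""
    bounced_to = []
    for sender, rcpt in attempts:
        parsed = parse_rcpt(rcpt)
        if parsed is None or parsed[1] not in LOCAL_DOMAINS:
            continue  # refused at SMTP time under either policy
        deliverable = rcpt_decision(rcpt)[0] == 250
        if not deliverable and not per_address_check:
            bounced_to.append(sender)  # accepted domain-wide, bounced after queueing
    return bounced_to
```

With the constructed attempts, domain-wide acceptance bounces to two forged senders, while the per-address check bounces to none.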
