RE: sendmail SPAM

From: Eduardo Röhr (
Date: Mon Jan 10 2000 - 06:08:31 EST

Look for POPAUTH, or better known as Pop before SMTP.

What does this mean?? You have a list of IP-addresses, which allow
with your Mailserver.

How is this Ip-list managed/created?

There is for example a daemon looking in /var/log/maillog for an entry of
the popserver like this:

........... ipop3d[pid]: Host= User=user

It takes this entry and adds it to the IP List for the amount of time you
have set. Then, can this Ip use your mailserver for this amount of time

So, all your user, have to understand, they MUST authenticate with POP
before they use SMTP.

And so, you know that every user that use SMTP, is validated through your
POP server.


> Hello,
> I don't know if this matter was talked about before, but I have a
> problem with SPAM, sent via my sendmail server.
> As I know, all newer sendmail distributions are configured automatically
> with anti-spam rules. One rule that I know of is, that either source or
> destination email address has to be local.
> Now the person, that is using my server for spam mail, uses an email
> that exists almost on all unix systems, ANd my
> relays that mail, because the user root exists on the server.
> Do you know of a secure config for sendmail that this does not happen?
> The only thing I can think of is, configuring the server to just accept
> connections from a list of ips. But this would mean, that customers
> dynamically assigned ip address (e.g. aol, compusere and so on) can't
> emails, when the ip address changes.. THat shouldn't be a pratically
> solutions.
> What can I do ?
> WHat do you do ?
> Greetings,
> Grischa
> -

Sent through Global Message Exchange -

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to

This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:29 EST