Re: sendmail SPAM

From: Glynn Clements (glynn@sensei.co.uk)
Date: Tue Jan 11 2000 - 04:49:42 EST


Grischa Schuering wrote:

> I don't know if this matter was talked about before, but I have a concrete
> problem with SPAM, sent via my sendmail server.
>
> As I know, all newer sendmail distributions are configured automatically
> with anti-spam rules. One rule that I know of is, that either source or
> destination email address has to be local.
>
> Now the person, that is using my server for spam mail, uses an email account
> that exists almost on all unix systems, root@www.mydomain.com. ANd my server
> relays that mail, because the user root exists on the server.

No. Sendmail will not relay mail based upon the sender address.

If you are using 8.9.*, then your sendmail.cf has been built with
bogus options (e.g. FEATURE(promiscuous_relay)).

> Do you know of a secure config for sendmail that this does not happen?
>
> The only thing I can think of is, configuring the server to just accept smpt
> connections from a list of ips. But this would mean, that customers using
> dynamically assigned ip address (e.g. aol, compusere and so on) can't send
> emails, when the ip address changes.. THat shouldn't be a pratically useful
> solutions.

If you don't accept SMTP connections, then you aren't going to be able
to receive mail.

-- 
Glynn Clements <glynn@sensei.co.uk>

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu



This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:29 EST