[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: postfix relay

To: Noah K Sematimba <ksemat at wawa.eahd.or.ug>
Subject: Re: postfix relay
From: Brian Candler <B.Candler at pobox.com>
Date: Mon, 15 Jul 2002 14:42:27 +0100
Cc: afnog at afnog.org
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog-outgoing at afnog.org
Delivered-To: afnog at afnog.org
In-Reply-To: <Pine.LNX.4.33.0207151624540.15609-100000 at noah.africaonline.co.ug>; from ksemat at wawa.eahd.or.ug on Mon, Jul 15, 2002 at 04:31:14PM +0300
References: <Pine.LNX.4.33.0207151624540.15609-100000 at noah.africaonline.co.ug>
Sender: owner-afnog at afnog.org
User-Agent: Mutt/1.2.5i

On Mon, Jul 15, 2002 at 04:31:14PM +0300, Noah K Sematimba wrote:
> I recently got problems with a client who was spamming the rest of the
> world. I would like to prevent this and yet I need to allow my network to
> relay mail through the mail server.
> 
> My dilemma is this:
> 
> I would like to configure the mail server to ONLY relay mail if the
> connecting client is FROM my network AND his domain is found in my
> $relay_domains file.

What do you mean by "his domain"? Do you mean the domain of the envelope
sender of the message? For example,

MAIL FROM:<user at yourisp.net>
                ^^^^^^^^^^^

If so, I would say:
- MAIL FROM:<> is always valid. Spammers can send using this.
- MAIL FROM:<some other address> is often valid. I send out using
  MAIL FROM:<B.Candler at pobox.com> even though the ISP I relay through is
  not pobox.com.
- There's nothing to stop him putting MAIL FROM:<someotheruser at yourisp.net>

The best you can do, IMO, is configure your mailer to disallow relaying if
the domain of the MAIL FROM is invalid, i.e. no MX or A record exists for
it. But most spammers send from valid domains which they don't own, or use a
throw-away hotmail or similar address.

If you want to check the MAIL FROM domain this is easily done in exim, in
fact I think it's the default:

  require verify        = sender

Or do you mean something else (the domain if you reverse lookup his IP
address? The domain in the From: header?)

The correct solution, IMO, is to enforce your AUP (i.e. you monitor your
users, and warn them or cut them off if they abuse it).

You might find a new feature in Exim 4 useful though:
http://www.exim.org/exim-html-4.00/doc/html/spec_13.html#IX948

B.

-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

Follow-Ups:
- Re: postfix relay
  - From: Noah K Sematimba <ksemat at wawa.eahd.or.ug>

References:
- postfix relay
  - From: Noah K Sematimba <ksemat at wawa.eahd.or.ug>
- postfix relay
  - From: Noah K Sematimba <ksemat at wawa.eahd.or.ug>

Prev by Date: postfix relay
Next by Date: Fw: confident ?
Prev by thread: postfix relay
Next by thread: Re: postfix relay
Index(es):
- Date
- Thread