[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: postfix relay




> What do you mean by "his domain"? Do you mean the domain of the envelope
> sender of the message? For example,
>
> MAIL FROM:<user at yourisp.net>
>                 ^^^^^^^^^^^

exactly.

What I am thinking of is

1. Check address and make sure it is in $mynetworks
if 1 = false; deny
elsif
   1= true
then

2. Check that domain of envelope sender is in $relaydomains
  if 2 =false ; deny
elsif
    2=true; relay

i.e I only relay mail for a user if BOTH conditions 1 and 2 are satisifed
if a mail fails any one of the two tests then DENY relay for that user.

Basically if a user I have wants to send mail as <user at otherdomain.com>
using my mail server then he has to inform me and I add that domain to me
$relaydomains otherwise he better send that mail himself.

Reasons:

I have people running Microsoft exchange who are not permanently connected
but relay through me mail server. Problem is that they are compromised
almsot on a daily basis and spammers then install software on their
machines to send massive amounts of spam through my mail server. I end up
being blacklisted as a spammer! Relay is allowed for them because they are
connecting form valid ip addresses on my network however if I enforced
condition 2, I would reduce on the amount of spam since much of this
software apparently is automated and keeps changing the envelope sender in
order to avoid detection.

Noah.



-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org