[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: postfix relay
> What do you mean by "his domain"? Do you mean the domain of the envelope
> sender of the message? For example,
>
> MAIL FROM:<user at yourisp.net>
> ^^^^^^^^^^^
exactly.
What I am thinking of is
1. Check address and make sure it is in $mynetworks
if 1 = false; deny
elsif
1= true
then
2. Check that domain of envelope sender is in $relaydomains
if 2 =false ; deny
elsif
2=true; relay
i.e I only relay mail for a user if BOTH conditions 1 and 2 are satisifed
if a mail fails any one of the two tests then DENY relay for that user.
Basically if a user I have wants to send mail as <user at otherdomain.com>
using my mail server then he has to inform me and I add that domain to me
$relaydomains otherwise he better send that mail himself.
Reasons:
I have people running Microsoft exchange who are not permanently connected
but relay through me mail server. Problem is that they are compromised
almsot on a daily basis and spammers then install software on their
machines to send massive amounts of spam through my mail server. I end up
being blacklisted as a spammer! Relay is allowed for them because they are
connecting form valid ip addresses on my network however if I enforced
condition 2, I would reduce on the amount of spam since much of this
software apparently is automated and keeps changing the envelope sender in
order to avoid detection.
Noah.
-----
This is the afnog mailing list, managed by Majordomo 1.94.5
To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)
This list is maintained by owner-afnog at afnog.org