[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: policy rejection problem



On Mon, 21 Jun 1999, Ecol wrote:

> I have in my smtp-policy.dat:
> mydomain.com  =  _full_rights
> .mydomain.com  =  _full_rights
> 
> because I want to allow remote users( who claims to be user from my
> domain) to send e-mails anywhere.

Without any form of authentication?  This is the same as blind
spam relaying, with the subtle difference that all replies to
the spam will go to your domain as well :)

> HELO europa.coi.pw.edu.pl

Here you clearly state to be from another domain. Now the
access rules above don't apply to you (since you're not from
mydomain.com).

> Why? Where am I wrong?

Firstly, you are wrong in setting up a rule like that at all.
Allowing relaying should only be done on the basis of IP
addresses or proper authentication, otherwise your system will
be a spammers' relay before you know.

Secondly, it shouldn't be too difficult to write a proper
identification script so that you can acchieve what you want
without relying on bugs or becoming a spam relay nest...

Rik -- Open Source: you deserve to be in control of your data.
+-------------------------------------------------------------------+
| Le Reseau netwerksystemen BV:               http://www.reseau.nl/ |
| Linux Memory Management site:   http://www.linux.eu.org/Linux-MM/ |
| Nederlandse Linux documentatie:          http://www.nl.linux.org/ |
+-------------------------------------------------------------------+