[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: policy rejection problem

On Mon, 21 Jun 1999, Ecol wrote:

>> I have in my smtp-policy.dat:
>> mydomain.com  =  _full_rights
>> .mydomain.com  =  _full_rights
>> because I want to allow remote users( who claims to be user from my
>> domain) to send e-mails anywhere.

>Without any form of authentication?  This is the same as blind
>spam relaying, with the subtle difference that all replies to
>the spam will go to your domain as well :)

>> HELO europa.coi.pw.edu.pl

>Here you clearly state to be from another domain. Now the
>access rules above don't apply to you (since you're not from

>> Why? Where am I wrong?

>>Firstly, you are wrong in setting up a rule like that at all.
>>Allowing relaying should only be done on the basis of IP
>>addresses or proper authentication, otherwise your system will
>>be a spammers' relay before you know.

It's impossible to introduce authentification because of some conditions (no
matter what conditions)

>Secondly, it shouldn't be too difficult to write a proper
>identification script so that you can acchieve what you want
>without relying on bugs or becoming a spam relay nest...

Any detailed suggestion? What did you mean? 

>Rik -- Open Source: you deserve to be in control of your data.