[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2.99.50(snap4) now at ftp.funet.fi (was: Re: Spam help.)



> On Mon, 25 May 1998 mea@nic.funet.fi wrote:
> 
> > ....
> > > Got the doc's and read through the approprate sections. The documents 
> > > describe the HELO portion of the smtpserver config file as containing 2 
> > > fields. 
> > 
> > 	No, you can't achieve reliable anti-relay facilities without
> > 	deploying full smtp-policy configuration.
> 
> I am actually running the full smtp-policy configuration. I only accept 
> mail from valid internal hosts for relaying out and only accept outside 
> mail for systems that we are the MX for.
> 
> Some ^%$#^%@^&^%$&(*(_& is using our system to deliver spam. From what I 
> see the problem is that he is saying that he is a system on our network 
> and since we accept mail from systems on our subnet I end up delivering 
> the mail for him. 

	Ah, I should have figured this one out..
	Yes, of course you used definitions which were default up until
	last week when I added  "_localnames" tag.

	Giving "_full_rights" to DOMAIN in MAIL FROM leads just to this
	behaviour, just like I had written in some comments about the
	policy stuff at:
		http://www.zmailer.org/smtp-policy.html

	Alter the boiler-plate by copying current  _full_rights
	to name  _localnames, and remove "relaycustomer +" from
	the new copy.

	Then modify  policy-builder.sh  program to use "_localnames"
	when constructing entries from the ``localnames'' file.

	Alternatively pick  zmailer-2.99.50-snap4, where these are
	already in place in the smtp-policy.src and policy-builder.sh

...
> Alvin Starr                   ||   voice: (416)493-3325
> Interlink Connectivity        ||   fax:   (416)493-7974
> alvin@iplink.net              ||

/Matti Aarnio