[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: policy rejection problem
On Mon, 21 Jun 1999, Ecol wrote:
>> I have in my smtp-policy.dat:
>> mydomain.com = _full_rights
>> .mydomain.com = _full_rights
>>
>> because I want to allow remote users( who claims to be user from my
>> domain) to send e-mails anywhere.
>Without any form of authentication? This is the same as blind
>spam relaying, with the subtle difference that all replies to
>the spam will go to your domain as well :)
>> HELO europa.coi.pw.edu.pl
>Here you clearly state to be from another domain. Now the
>access rules above don't apply to you (since you're not from
>mydomain.com).
>> Why? Where am I wrong?
>>Firstly, you are wrong in setting up a rule like that at all.
>>Allowing relaying should only be done on the basis of IP
>>addresses or proper authentication, otherwise your system will
>>be a spammers' relay before you know.
It's impossible to introduce authentification because of some conditions (no
matter what conditions)
>Secondly, it shouldn't be too difficult to write a proper
>identification script so that you can acchieve what you want
>without relying on bugs or becoming a spam relay nest...
Any detailed suggestion? What did you mean?
>Rik -- Open Source: you deserve to be in control of your data.
Ecol