RE: [Exim] Re: Mail relay problems

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Andy Coy
CC: exim
Subject: RE: [Exim] Re: Mail relay problems
On Sun, 9 Jun 2002, Andy Coy wrote:

> post# sendmail -bP host_accept_relay
> host_accept_relay =
> localhost:127.0.0.1:212.1.128.0/19:62.6.186.226:80.40/13:212.74.96.0/19:212.
> 159.128.0/18:62.64.128.0/19:212.139.32.0/19:212.139.128.0/17:213.123.76.0/23
> :62.7.125.0/24:62.7.126.0/24:62.7.127.0/24:80.225/16
> post#
>
> I think I have fixed most of it. At the end of the long list of IP's I added
> *.tiscali.com and suddenley it's started to relay. I beleive the problem to
> be down to the 'funky' DNS someone else mentioned earlier.
>


Do keep in mind that this setup makes you an open relay. (Eg, tons of
people who are *not* your customers can relay through your server)

Spammers *WILL* find you, and they will start taking advantage of this.
When they do, your servers IP will find its way onto many of the various
DNSBL's, some of which are used by quite a variety of people to reject
mail. Eg, eventually, your customers (both the paying ones and the
spammers you will be providing free service to) will find their mails
rejected by many of those servers when they are sent via your server.
The spammers wont care, but I presume your customers will.

In order to prevent this hapenning, you need a way of distinguishing
your customers from the spammers. Since you don't know which of
apparently hundreds of thousands of IP addresses they might be on at any
given time, the only way to do this is with SMTP AUTH. This is not that
difficult to setup, but you might have a hard time convincing your
customers to start using it once they have become accustomed to not
needing it. (On a good note, it might be easier to convince them after
your server is on the various lists of open relays. Of course, at that
point just setting up SMTP auth wont get you off of them. It will take
clearing out any IP's from host_acept relay not directly under your
control, and then it will take time going by)