Author: Alan J. Flavell Date: To: Dave C. CC: Exim users list Subject: Re: [Exim] How to force SMTP AUTH for certain return-path ?
On Mon, 24 Jun 2002, Dave C. wrote:
> On Mon, 24 Jun 2002, Alan J. Flavell wrote:
>
> > > Unless you are an open relay, spammers (who arent your customers)
> > > shouldnt be able to send mail through your server anyway.
> >
> > Correct, but this isn't the problem. The spammers are spamming _our_
> > users, they aren't relaying through us.
>
> I'm assuming you've also investigated DNSbls, sender verification,
> header syntax checks.. etc..
Just to confirm that yes indeed, we do all of that, and it rejects a
lot of spam (and the occasional bona fide mail from those whose mail
software doesn't conform to published specifications).
I'm talking about stuff that gets past all of that. Why did you
mention "sender verification"? Naturally if they counterfeit a valid
local address as sender, it's going to pass sender verification, so
_that_ particular measure doesn't help in such cases.