On Thu, 22 Aug 2002, zabbe wrote:
> This is a multi-part message in MIME format.
> --
> [ Picked text/plain from multipart/alternative ]
> Hello.
>
> I have a Exim 3.36 server and it handles the domain reboot.nu
> The problem I have is that is "relays" mail for other domains aswell, I have seen *@yahoo.com and other
> addresses sending mail thru my system. How do I change so that it only accepts *@reboot.nu for outgoing mail
> thru exim?
Relaying is normally an IP address thing. You relay mail from known
networks to any Internet destination, and accept mail from arbitrary
origins ony if it is addressed to your domains. You can also relay if
you can authenticate the sender (SMTP AUTH, POP-BEFORE-SMTP type setups)
> I want everyone to be able to send mail thru my system, as long as they have a *@reboot.nu domain in their email address.
No, you dont. You only want your customers/employees/family/members/etc,
and other people who have specifically arranged to provide service for
to be able to send mail through your system
If you allow anyone to relay based on the address they claim to be
sending from, then I, or anyone else, could connect to your machine from
a throw away or free-dialup account, issue
"MAIL FROM: postmaster@???",
send ads for (Viagra/Porn/MMF/etc), and many of the recipients would
think *you* were sending the spam.
As long as you can track the seneder by IP address, it really doesnt
matter when the sender email address is. Perhaps someone wants to be
able to POP their account somewhere else, and wants to be able to reply
using their email address for that account? Assuming its correctly
configured, they wont be able to relay thru that server from your
network (unless it supports SMTP AUTH), so they will need to use yours.
If you are worried about forgery, don't. The most common reason for
forging addresses is to gain relay access to a machine that you dont
already have access to and is (improperly) configured to relay based on
the sender address.
>
> //Jonas
> --
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>
