Author: Wakko Warner Date: To: exim CC: exim-users@exim.org Subject: Re: [exim] [NEWBIE]Stop Spammers - How - Confused
> Thanks for your prompt reply. Will it work, even though the config uses the > following setting as well:
>
> host_auth_accept_relay = *
>
> Do I have to comment this line out? Or will the wildcard only apply to the hosts
> that I have explicitly permitted?
Are you using exim 3.x? exim 4 does not have this option.
But to answer your question, that will accept relaying via auth for
EVERYONE, not just your local users.
If I ran an ISPs mail server, I would:
1) disallow connections to port 25 from my customers
2) have my customers use port 587 (MSA), require authentication, and only
allow the sender to be the authenticated sender (to prevent spoofing.
NULL senders would be ok)
3) port 25 would never relay under any circumstances (that is excluding
domains that I mx for)
4) deny access to port 25 to the internet from my customers. I would allow
this for dedicated (static IP) users so they could host their own server.
however, they would be responcible for security of their system (IE no
open relay)
Ok, you may ask why I'd do #1. Simple, It would stop virus email from ever
being sent out from a customer. The exception is the virus that uses the
user's MUA. If the user does not store their password, no problem. #4
would prevent an emailing virus from spreading (given what I stated before)
--
Lab tests show that use of micro$oft causes cancer in lab animals