Re: [exim] [NEWBIE]Stop Spammers - How - Confused

Top Page
Delete this message
Reply to this message
Author: Marc Schiffbauer
Date:  
To: exim-users@exim.org
CC: exim
Subject: Re: [exim] [NEWBIE]Stop Spammers - How - Confused
* Wakko Warner schrieb am 21.09.04 um 02:51 Uhr:
> > Thanks for your prompt reply. Will it work, even though the config uses the
> > following setting as well:
> >
> > host_auth_accept_relay = *
> >
> > Do I have to comment this line out? Or will the wildcard only apply to the hosts
> > that I have explicitly permitted?
>
> Are you using exim 3.x? exim 4 does not have this option.
>
> But to answer your question, that will accept relaying via auth for
> EVERYONE, not just your local users.
>
> If I ran an ISPs mail server, I would:
> 1) disallow connections to port 25 from my customers
> 2) have my customers use port 587 (MSA), require authentication, and only
>    allow the sender to be the authenticated sender (to prevent spoofing. 
>    NULL senders would be ok)
> 3) port 25 would never relay under any circumstances (that is excluding
>    domains that I mx for)
> 4) deny access to port 25 to the internet from my customers.  I would allow
>    this for dedicated (static IP) users so they could host their own server.
>    however, they would be responcible for security of their system (IE no
>    open relay)

>
> Ok, you may ask why I'd do #1. Simple, It would stop virus email from ever
> being sent out from a customer. The exception is the virus that uses the
> user's MUA. If the user does not store their password, no problem. #4
> would prevent an emailing virus from spreading (given what I stated before)


And what about viruses having their own SMTP engine?

-Marc
-- 
BUGS My programs  never  have  bugs.  They  just  develop  random
     features.  If you discover such a feature and you want it to
     be removed: please send an email to bug at links2linux.de