Thank you very much for your help thus far. Here is my next question :-)
I just plugged the new part of the config in... When I try to email to my
hotmail account I got this:
[Mail not sent. Sending error: 535 Incorrect authentication data]
I will look that up myself.
But I changed my sending address to frankd@??? to see if it would stop
me from sending and it didn't.
Should I put a deny domainlist = !+sender_domains to reject false domains?
Thanks
On 12/27/08 10:09 AM, "Lena@???" <Lena@???> wrote:
>> From: Frank DeChellis
>
>> even if somebody was using a permitted IP address
>
> I.e. in +relay_from_hosts or authenticated, right?
>
>> their
>> mail must still have a domain listed in local_domains . So an infected user
>> could not unknowingly send out mail through our SMTP because the from: field
>> has an invalid domain.
>
> Then:
>
> acl_check_rcpt:
> accept hosts = :
> deny message = Restricted characters in address
> domains = +local_domains
> local_parts = ^[.] : ^.*[@%!/|]
> deny message = Restricted characters in address
> domains = !+local_domains
> local_parts = ^[./|] : ^.*[@] : ^.*/\\.\\./
> accept local_parts = postmaster
> domains = +local_domains
> require verify = sender
> accept hosts = +relay_from_hosts
> domains = +sender_domains
> control = submission/domain=
> accept authenticated = *
> domains = +sender_domains
> control = submission/domain=
> require message = relay not permitted
> domains = +local_domains : +relay_to_domains
> require verify = recipient
> (checking RBLs here)
> accept
>
Frank DeChellis
President, Internet Access Worldwide
Welland, Ontario, Canada
www.iaw.com
