|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Stopping Spam/Virus using fake address' inside local network
From: Righteous Jester (me
righteousjester.co.za)
Date: Wed Jun 01 2005 - 17:04:08 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Howdy Everybody.
I want to allow clients to relay through my box, but base the allow
rules on IP address and domain names.
Here is the situation. We currenlty have about a 100 IP that are
allowed to relay through our box which works wonderfully.
The problem is, when one of these guys gets a virus, it sends out
hundreds of emails with a fake sender address e.g. moocowyahoo.com to
random address e.g. foobarhotmail.com which we kindly deliver for them
because their IP address is in $my_networks.
I want to be able to allow these guys to relay through us using there IP
but the same time say that the senders domain must be in this list
"/etc/postfix/clients" - if it isn't then the recpient must be either a
local destination or a relay_domain. So if the senders domain is not in
the list and there recipient is not a local user or relay_domain - then
it must be denied.
Here is the setup I tried.
smtpd_recipient_restrictions = permit_auth_destination,
check_client_access hash:/etc/postfix/clients,
reject_unlisted_sender,
reject_unauth_destination
This works until the local domains try to send outside e.g.
memydomain.com to moocowyahoo.com then I get:
reject: RCPT from memydomain.com - Relay access denied
And as soon as I add "permit_mynetworks" then I am back to sqaure one.
So can someone throw me a freakin bone here?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]