Re: Stopping Spam/Virus using fake address' inside local network

From: Mike Burger (mburgerbubbanfriends.org)
Date: Wed Jun 01 2005 - 15:27:38 CDT


Might I suggest, instead, that SMTP-AUTH might be a better way to go?

The virii, to date, aren't smart enough to pull the auth info from the
mail client, so restricting the relay to authenticated users would
effectively block the virus-generated drek.

On Wed, June 1, 2005 5:04 pm, Righteous Jester said:
> Howdy Everybody.
>
> I want to allow clients to relay through my box, but base the allow
> rules on IP address and domain names.
>
> Here is the situation. We currently have about 100 IPs that are
> allowed to relay through our box, which works wonderfully.
>
> The problem is, when one of these guys gets a virus, it sends out
> hundreds of emails with a fake sender address e.g. moocow@yahoo.com to
> random addresses e.g. foobar@hotmail.com which we kindly deliver for them
> because their IP address is in $my_networks.
>
> I want to be able to allow these guys to relay through us using their IP
> but at the same time say that the sender's domain must be in this list
> "/etc/postfix/clients" - if it isn't then the recipient must be either a
> local destination or a relay_domain. So if the sender's domain is not in
> the list and their recipient is not a local user or relay_domain - then
> it must be denied.
>
> Here is the setup I tried.
>
> smtpd_recipient_restrictions = permit_auth_destination,
>     check_client_access hash:/etc/postfix/clients,
>     reject_unlisted_sender,
>     reject_unauth_destination
>
> This works until the local domains try to send outside e.g.
> me@mydomain.com to moocow@yahoo.com then I get:
> reject: RCPT from memydomain.com - Relay access denied
> And as soon as I add "permit_mynetworks" then I am back to square one.
>
> So can someone throw me a freakin bone here?
>

--
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000

To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:

site-update-requestbubbanfriends.org

with a message of:

subscribe
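
The SMTP-AUTH approach suggested in the reply above, as an added Postfix `main.cf` fragment that is not part of the original message or thread. It assumes a SASL backend and TLS are already configured on the server; the `sender_login` table path and its sample entry are hypothetical.

```ini
# /etc/postfix/main.cf (added example, not from the thread)

# Before: every host in $mynetworks may relay, so mail from an infected
# client with a forged sender address is delivered like any other.
#smtpd_recipient_restrictions =
#    permit_mynetworks,
#    reject_unauth_destination

# After: relaying requires a successful SMTP AUTH login.
smtpd_sasl_auth_enable = yes

# Do not accept anonymous SASL mechanisms.
smtpd_sasl_security_options = noanonymous

# Offer AUTH only inside a TLS session so credentials are not sent in
# clear text.
smtpd_tls_auth_only = yes

# Tie each envelope sender address to the SASL login allowed to use it.
# Hypothetical table; a constructed sample entry would be:
#   user@example.com    user
# Rebuild it with: postmap /etc/postfix/sender_login
smtpd_sender_login_maps = hash:/etc/postfix/sender_login

# Evaluation is first match wins:
#  1. reject_sender_login_mismatch: refuse a MAIL FROM address that
#     belongs to a different login than the one in use.
#  2. permit_sasl_authenticated: authenticated clients may relay anywhere.
#  3. reject_unauth_destination: everyone else may only reach local
#     destinations and relay_domains.
# permit_mynetworks is left out on purpose: being on a listed IP address
# no longer grants relay access.
smtpd_recipient_restrictions =
    reject_sender_login_mismatch,
    permit_sasl_authenticated,
    reject_unauth_destination
```

After a reload, an unauthenticated relay attempt from one of the formerly trusted IP addresses should be logged with the same "Relay access denied" rejection quoted in the thread, while authenticated sessions show a `sasl_username=` field in the smtpd log lines.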
