Re: Stopping Spam/Virus using fake address' inside local network

merighteousjester.co.za
Date: Wed Jun 01 2005 - 15:39:28 CDT


I have SMTP-AUTH with SASL setup and I agree it works fantastic.
But the problem is that we have roughly 10000 individual users relaying
through this guy and there are many of them who are using clients that
cannot do SMTP-AUTH - so the outlook is dim - and that would be a helluva
change to make.

Thanks for the advice though - but I need to find a way where the relaying
is based on the IP and the domains - or I am open to any other
suggestions.

>
> Might I suggest, instead, that SMTP-AUTH might be a better way to go?
>
> The virii, to date, aren't smart enough to pull the auth info from the
> mail client, so restricting the relay to authenticated users would
> effectively block the virus-generated drek.
>
> On Wed, June 1, 2005 5:04 pm, Righteous Jester said:
>> Howdy Everybody.
>>
>> I want to allow clients to relay through my box, but base the allow
>> rules on IP address and domain names.
>>
>> Here is the situation. We currently have about 100 IPs that are
>> allowed to relay through our box, which works wonderfully.
>>
>> The problem is, when one of these guys gets a virus, it sends out
>> hundreds of emails with a fake sender address e.g. moocowyahoo.com to
>> random addresses e.g. foobarhotmail.com which we kindly deliver for them
>> because their IP address is in $my_networks.
>>
>> I want to be able to allow these guys to relay through us using their IP
>> but at the same time say that the sender's domain must be in this list
>> "/etc/postfix/clients" - if it isn't then the recipient must be either a
>> local destination or a relay_domain. So if the sender's domain is not in
>> the list and their recipient is not a local user or relay_domain - then
>> it must be denied.
>>
>> Here is the setup I tried.
>>
>> smtpd_recipient_restrictions = permit_auth_destination,
>>     check_client_access hash:/etc/postfix/clients,
>>     reject_unlisted_sender,
>>     reject_unauth_destination
>>
>> This works until the local domains try to send outside e.g.
>> memydomain.com to moocowyahoo.com then I get:
>> reject: RCPT from memydomain.com - Relay access denied
>> And as soon as I add "permit_mynetworks" then I am back to square one.
>>
>> So can someone throw me a freakin bone here?
>>
>
>
> --
> Mike Burger
> http://www.bubbanfriends.org
>
> Visit the Dog Pound II BBS
> telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000
>
> To be notified of updates to the web site, visit
> http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
> message to:
>
> site-update-requestbubbanfriends.org
>
> with a message of:
>
> subscribe
>
>
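
The rule set asked for in the quoted message (relay for a known client IP only when the sender's domain is on the client list, otherwise accept only local or relay-domain recipients) can be written as a decision function over the attributes Postfix hands to a policy delegation service (check_policy_service). This is an added example, not part of the thread; the networks, domain sets and function names are constructed placeholders.

```python
import ipaddress

# Constructed sample data (assumptions, not values from the thread).
RELAY_CLIENTS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.7/32")]
CLIENT_SENDER_DOMAINS = {"mydomain.example", "customer.example"}  # stands in for /etc/postfix/clients
LOCAL_OR_RELAY_DOMAINS = {"mydomain.example", "hosted.example"}   # stands in for local + relay domains


def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs


def domain_of(address):
    """Lower-cased domain part; '' for the null sender or a bare local part."""
    return address.rpartition("@")[2].lower() if "@" in address else ""


def decide(attrs):
    """Return the access action for one RCPT TO, following the poster's rules."""
    if domain_of(attrs.get("recipient", "")) in LOCAL_OR_RELAY_DOMAINS:
        return "DUNNO"  # inbound mail: leave the decision to later restrictions
    try:
        client = ipaddress.ip_address(attrs.get("client_address", ""))
    except ValueError:
        return "REJECT Relay access denied"
    if not any(client in net for net in RELAY_CLIENTS):
        return "REJECT Relay access denied"
    if domain_of(attrs.get("sender", "")) in CLIENT_SENDER_DOMAINS:
        return "OK"  # known client IP and listed sender domain: relay
    return "REJECT Sender domain not permitted to relay from this client"


def respond(request_text):
    """Build the reply the policy protocol expects: action line plus blank line."""
    return "action=%s\n\n" % decide(parse_request(request_text))
```

The envelope sender is not authenticated, so this only stops mail whose forged sender domain falls outside the client list; a forged address inside a listed domain still relays.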