Hi all,
Actually I had framed the question wrong in a jiffy.........thank you for the answers..
The problem i have observed with most of the mail servers in a corporate network is that there seems to be no authentication on the relay mail server........
I have observed that although the servers in the internal network of a corporate org have proper SMTP auth means, the relays or gateways for external mail delivery do not seem to authenticate the user.
On such n/w's I'am able to send mail from xyz@copstop.com to abc@copstop.com using low level SMTP chat from home by telnet to port 25 to one of copstop.com's relay servers facing the internet. Where'as i'am not either of the two.
The mail received by abc looks original but shows
from : xyz@copstop.com to: <> undisclosed recipients
in the header and logs.
Is there a way out where I can stop
mail from: xyz@copstop.com
only when the relay server is accepting mails from other servers.(incoming)
The gateway is using sendmail as an MTA.
I would be happy to give any clarifications needed.
Note : the internal mail servers consist of exchange, sendmail servers and lotus dominos....the auth means are different. the decentralization has been done coz each unit is different entity in itself.
bye rgds
biju
--------------------------------- Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com/a
On Tue, Nov 02, 2004 at 06:24:42AM -0800, BIJU KRISHNAN wrote:
On such n/w's I'am able to send mail from xyz@copstop.com to abc@copstop.com using low level SMTP chat from home by telnet to port 25 to one of copstop.com's relay servers facing the internet. Where'as i'am not either of the two. Is there a way out where I can stop mail from: xyz@copstop.com
You'd kill my ability to send email from home to work. Though you didn't say anything about SMTP AUTH, which is what $workplace uses.
But look at SPF.
On 02/11/04 06:24 -0800, BIJU KRISHNAN wrote:
Hi all,
Actually I had framed the question wrong in a jiffy.........thank you for the answers..
The problem i have observed with most of the mail servers in a corporate network is that there seems to be no authentication on the relay mail server........
I have observed that although the servers in the internal network of a corporate org have proper SMTP auth means, the relays or gateways for external mail delivery do not seem to authenticate the user.
Whats with the line length? How do you expect the inbound servers to authenticate the sender, and why do you expect them to authenticate said sender?
On such n/w's I'am able to send mail from xyz@copstop.com to abc@copstop.com using low level SMTP chat from home by telnet to port 25 to one of copstop.com's relay servers facing the internet. Where'as i'am not either of the two.
I believe you are confusing between relay and MX. They serve different purposes, and are configured differently. The frontline MX merely needs to verify that the recipient is valid, and that the mail is acceptable to the organisation.
If you require that the MX further validate that there should be no senders in the domains in accepts mail for, then IIRC, there is no off the shelf solution with Sendmail. You will have to code a milter.
With Postfix, providing a check_sender_access control should suffice.
Devdas Bhagat
On such n/w's I'am able to send mail from xyz@copstop.com to abc@copstop.com using low level SMTP chat from home by telnet to port 25 to one of copstop.com's relay servers facing the internet. Where'as i'am not either of the two.
If it is only a relay server and not an MX then it should not be accepting connections from the internet.
The mail received by abc looks original but shows
from : xyz@copstop.com to: <> undisclosed recipients
in the header and logs.
That is because you did not put the To: header in the DATA part.
Is there a way out where I can stop
mail from: xyz@copstop.com
only when the relay server is accepting mails from other servers.(incoming)
If it is only relaying mail to the internal servers (MX) and not relaying for them,this can fix it: add an entry to /etc/mail/access
From:costop.com REJECT
If it is relaying mail and also acting like an MX, then maybe you can check this page out
http://www.sendmail.org/m4/anti_spam.htm
-
BIJU KRISHNAN -
Clifford D'Mello -
Devdas Bhagat -
Satya