[cobalt-users] Re: How to stop SPAM senders?
- From: Bruce Timberlake <bruce@xxxxxxxxxx>
- Date: Tue May 6 06:45:00 2003
- Organization: BRTNet.org
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> I'm still puzzled. Everything that is written in the forums, etc. suggests
> that pop before SMTP is the best way to go. Otherwise, your server can
> be used as a relay for anyone.

Only if you do something "bad" and put ".com" in the "Relay for Domains"
box, etc. By default, unless you make a change to /etc/mail/access
(manually or via the GUI), sendmail on the RaQ will not relay mail for
anyone (other than domains that are hosted on the RaQ).

> You don't need a password to use someone's sendmail.

Only if it's set up as an open relay. You don't need a password to connect
to sendmail and _deliver_ a message to a user on that server.

> With pop before SMTP unchecked, anyone can point to your sendmail server
> and send a message.

Again, only if you somehow set it up as an open relay.

> You are saying "turn off pop before SMTP to prevent some unauthorized
> spammer from using your sendmail" I say that's wrong.

Because POP-authenticated relaying is a mechanism to allow relaying outside
of whatever the admin explicitly sets up (via /etc/mail/access etc),
there's more of a chance someone could figure out a legit username and
password and use it to relay. Also, poprelayd is another potential exploit
source you have to worry about and keep up to date on. As it uses IP
addresses to "authenticate" relayers, there's a chance that someone could
spoof their IP to one that's already been authorized and relay mail
without ever having to "log in".

The "preferred" solution is to have everyone use their own ISP for outbound
SMTP. Obviously that's not always practical or desirable from a user
point of view, so there are "workarounds" like POP-authenticated relaying,
etc., which lead to an increased chance your server could be abused by
spammers.

- --
Bruce Timberlake
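
Added example, not part of the message above and not Cobalt or sendmail tooling: a Python check over the /etc/mail/access format that flags RELAY entries broad enough to turn the server into an open relay, such as the ".com" case mentioned in the reply. The sample map is constructed, and the thresholds (single-label domains, IP prefixes shorter than three octets) are assumptions chosen for illustration.

```python
# Constructed sample of an access map (key, whitespace, action); not from a real server.
SAMPLE_ACCESS = """\
# local relaying
localhost.localdomain   RELAY
127.0.0.1               RELAY
example.org             RELAY
com                     RELAY
.com                    RELAY
Connect:10              RELAY
To:net                  RELAY
spammer@example.net     REJECT
192.168.10              RELAY
"""

TAGS = ("connect:", "to:", "from:")  # optional key prefixes in the access map


def audit_access(text):
    """Return (line number, entry, reason) for over-broad RELAY entries."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[1].strip().upper() != "RELAY":
            continue  # only RELAY grants relaying; OK/REJECT/DISCARD do not
        entry = parts[0]
        key = entry.lower()
        for tag in TAGS:
            if key.startswith(tag):
                key = key[len(tag):]
                break
        if "@" in key or ":" in key:
            continue  # address and IPv6 keys are out of scope for this check
        labels = [p for p in key.split(".") if p]
        if not labels:
            continue
        if all(p.isdigit() for p in labels):
            # A partial dotted quad is a network prefix: "10" means 10.*.*.*
            if len(labels) < 3:
                findings.append((lineno, entry, "IP prefix covers a /%d" % (8 * len(labels))))
        elif len(labels) == 1 and labels[0] != "localhost":
            # A bare TLD matches every domain beneath it
            findings.append((lineno, entry, "relays for an entire top-level domain"))
    return findings


if __name__ == "__main__":
    for lineno, entry, reason in audit_access(SAMPLE_ACCESS):
        print("line %d: %-12s %s" % (lineno, entry, reason))
```

To check a live map, pass the contents of /etc/mail/access to `audit_access` instead of the sample.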