[CLUE-Admin] Re: CLUE-Tech post from admin@clue.denver.co.us requires approval
Dave Hahn
dhahn at dhahn.com
Mon Aug 4 18:46:50 MDT 2003
No, not completely true. Most new installations support an SMTP after
POP type of configuration - meaning - you can relay through the server
from your IP once you authenticate to the POP server. This allows
roaming users and users that may have different IP addresses at
different times to *safely* relay without leaving the server wide open -
as it appears it is now.
-d
-----Original Message-----
From: clue-admin-admin at clue.denver.co.us
[mailto:clue-admin-admin at clue.denver.co.us] On Behalf Of Lynn Danielson
Sent: Monday, August 04, 2003 6:36 PM
To: clue-admin at clue.denver.co.us
Subject: Re: [CLUE-Admin] Re: CLUE-Tech post from
admin at clue.denver.co.us requires approval
Jed S. Baer wrote:
>On Mon, 04 Aug 2003 10:59:19 -0600
>Lynn Danielson <lynnd at techangle.com> wrote:
>
>>We're getting more and more mail like this, where
>>folks are mnuning their email
>>to look like it was sent from someone on our server.
>>
>>
>
>It'd help to see some representative headers.
>
OK:
Received: from localhost ([142.3.208.203])
by clue.denver.co.us (8.9.3/8.9.3) with SMTP id QAA10218
for <clue-talk at clue.denver.co.us>; Mon, 4 Aug 2003 16:51:16 -0600
Date: Mon, 4 Aug 2003 16:51:16 -0600
Message-Id: <200308042251.QAA10218 at clue.denver.co.us>
From: admin at clue.denver.co.us
To: Clue-talk <clue-talk at clue.denver.co.us>
Reply-To: admin at clue.denver.co.us
X-Mailer: The Bat! (v1.61)
X-Priority: 2 (High)
Subject: your account crvaavwa
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------3254AE670004BE0"
>The first thing that comes to my mind is to use SpamAssasin, or some
other
>bayseian type filtration. The other thing is to require that the From:
>header domain match the originating machine, or something like that. I
>know there are some problems with that, though.
>
Yeah the reverse DNS lookup can be a problem, but I'm beginning to think
it's an acceptable one. But since they are directly using our own
sendmail
server as their smtp server, it wouldn't do any good in this case. I
believe
we're what is referred to as an open relay. Which leaves us open to
some
horrible abuses. I haven't been paying attention to our logs, so as far
as I
know our server could be getting used to spam the world. But if we're
going
to offer email aliases as a membership benefit, it needs to remain open
to
some extent.
Later,
Lynn
_______________________________________________
CLUE-Admin mailing list
Post messages to: CLUE-Admin at clue.denver.co.us
Unsubscribe or manage your options:
http://clue.denver.co.us/mailman/listinfo/clue-admin
More information about the clue-admin
mailing list