Dario Alonso writes:
Yes, anyone should be able to send mail to users in my
domain, that's right... but the problem is with the
"jokers".
i.e. one valid user, user1, want's to send a fake mail
to user2. He could create one fake account (user3)
from my domain in his MUA (evolution, kmail, etc...),
and not use authentication for smtp.
He could send without problems a mail from
user3@mydomain to user2@mydomain
That is what it seems to me. Can be avoided that?
Yes. Make sure that you're running identd on the server. Then:
A) If the user sends mail using the sendmail command, the userid will be
shown in the headers.
B) If the user sends mail by connecting to port 25, using either 127.0.0.1,
or your external IP address, the sender's userid will be provided by identd,
and stamped in the headers of the mail.
C) If the user connects from an external IP address that you've granted
relaying privileges, you must then have logs that record who was using the
IP address at the time.
D) If the user connects from a foreign IP address, then this is no different
than anyone else sending a message with randomly-generated From: header. As
such, your recipient should simply be educated that anyone on the Internet
can send E-mail, while pretending to be Santa Claus.
15 messages in net.sourceforge.lists.courier-users[courier-users] Re: courier and smtp-...
