[Mimedefang] smtp spoofing
Matthew Schumacher
matt.s at aptalaska.net
Thu Jun 2 13:41:59 EDT 2005
David F. Skoll wrote:
> Super-Dome wrote:
>
>
>>how can i disallow use of my domain from outside network using *From address
>>of my domain.
>
>
> You cannot.
>
> Regards,
>
> David.
I have this running at one site:
if((exists $SendmailMacros{md_tag} and $SendmailMacros{md_tag} eq
'authenticated') or ($ip eq "127.0.0.1")){
$authenticated = "TRUE";
md_syslog('info', "user authenticated");
} else {
$authenticated = "FALSE";
md_syslog('info', "user is NOT authenticated");
}
if( ($sender =~ /domain.com/i) && ($authenticated ne "TRUE") ){
return ('REJECT', 'You must authenticate to send mail from an
domain.com account.');
}
This pretty much stops mail from our domain from being spoofed by users
that don't authenticate, then I turn off relaying for everything that
doesn't authenticate.
Viruses that spoof our domain pretty much go nowhere, but places like
ebay that spoof your address to send you email don't work either.
schu
More information about the MIMEDefang
mailing list