[Mimedefang] Rejecting forged senders - comments?
adam at krusty.madoff.com
Wed Sep 20 14:25:48 EDT 2006
On Wed, 2006-09-20 at 13:55 -0400, Cormack, Ken wrote:
> > Something else you can do to cut down on the problem is to make sure
> > Sendmail is set to reject messages with local senders that don't exist.
> We've discussed this, internally. We host the user mailboxes on internal
> Exchange servers, but run MIMEDefang on a pair of machines in the DMZ. We
> could use MIMEDefang's support for querying those servers to see if the
> recipient exists or not, rather than relaying the message inbound, only to
> have Exchange decide the user doesn't exist. But that wouldn't contribute
> to stopping an email from "me" coming in to "me", for example. That was the
> topic at hand.
You might also ask yourself whether you expect to get any legitimate
non-auth mail from your domain addresses via your MX hosts on port 25.
We see a lot of spam coming in to our MX hosts using valid internal mail
addresses as the sender address. The reality though (for us at least)
is that we have no reason to see this type of traffic. Our remote users
use authentication (which can be checked by MIMEDefang) and/or a web
interface (also using authentication) to send mail to our internal
users. With very few exceptions (which I'm in the process of hunting
down and killing), there is no valid mail traffic through these machines
which should be using my mail domains as the sender.
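The policy described in the message above, written as a `filter_sender` hook for a mimedefang-filter file. This is an added example, not code from the original post or from the MIMEDefang project; the domain names, the exempt relay address and the helper `sender_domain` are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Populated by MIMEDefang at run time; declared so the file also runs stand-alone.
our %SendmailMacros;

# Assumption: placeholder domains, replace with the domains you host.
my %LOCAL_DOMAINS = map { lc($_) => 1 } qw(example.com example.org);

# Assumption: hosts allowed to send as a local domain without SMTP AUTH
# (the known exceptions). Constructed address.
my %EXEMPT_RELAYS = map { $_ => 1 } qw(192.0.2.10);

# Hypothetical helper: lower-cased domain of an envelope sender, '' for <>.
sub sender_domain {
    my ($sender) = @_;
    $sender =~ s/^<|>$//g;                 # strip the angle brackets
    return $sender =~ /\@([^@]+)$/ ? lc($1) : '';
}

sub filter_sender {
    my ($sender, $ip, $hostname, $helo) = @_;
    my $domain = sender_domain($sender);
    # Senders outside our domains, and the null sender, are not our concern here.
    return ('CONTINUE', 'ok') unless $LOCAL_DOMAINS{$domain};
    # Sendmail sets {auth_authen} only after a successful SMTP AUTH.
    my $auth = $SendmailMacros{'auth_authen'};
    return ('CONTINUE', 'ok') if defined $auth && $auth ne '';
    return ('CONTINUE', 'ok') if $EXEMPT_RELAYS{$ip};
    return ('REJECT', "Unauthenticated mail from $domain is not accepted here");
}

# Constructed cases, run only when the file is executed directly.
unless (caller) {
    my @cases = (    # [envelope sender, relay IP, auth_authen]
        ['<user@example.com>',    '203.0.113.5', undef],
        ['<user@example.com>',    '203.0.113.5', 'user'],
        ['<user@example.com>',    '192.0.2.10',  undef],
        ['<someone@example.net>', '203.0.113.5', undef],
        ['<>',                    '203.0.113.5', undef],
    );
    for my $c (@cases) {
        %SendmailMacros = defined $c->[2] ? (auth_authen => $c->[2]) : ();
        my ($code) = filter_sender($c->[0], $c->[1], 'host.invalid', 'helo.invalid');
        printf "%-24s %-12s auth=%-5s => %s\n", @$c[0, 1], $c->[2] // '-', $code;
    }
}
1;
```

The hook only runs when mimedefang is started with sender checking enabled (`-s`), and it looks at the envelope sender only, so a forged `From:` header with a foreign envelope sender is not caught by it.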