Greetings,
I was wondering, in my access file under /etc/mail there was:
mydomain.com RELAY
If someone were to spoof mydomain.com, he might be able to send mail through my server? I've just changed it to, for example, 192.168.0 RELAY. But I'm still wondering if this is right or wrong... any ideas on this?
TIA,
Francisco 'Paladino' Costa
Francisco,

Francisco Costa wrote:
Greetings,
I was wondering, in my access file under /etc/mail there was:
mydomain.com RELAY
If someone were to spoof mydomain.com, he might be able to send mail through my server? I've just changed it to, for example, 192.168.0 RELAY. But I'm still wondering if this is right or wrong... any ideas on this?
Welcome to the wonderful world of anti-relaying. You may take a seat now! :) ;)

If you allow relaying based on the sender's domain, anybody who connects to your mail server and tells it FROM: <somename>@mydomain.com could send mail over your machine if there are no further anti-relaying rules.

To circumvent this, you could put the official IP addresses of your domain and/or the domains you want to relay for into the access table. Sadly, most people/customers use dialup internet connections with varying IP addresses, so this method only works if your customers/users, for example, use an internet access router with a fixed IP/IP range. It's virtually impossible (and also utterly stupid) to insert the IPs of any ISP's dialup-gw's or smtp-gw's of your relay-customers/users into the access.db. Don't even think about it.

A good way to provide relay protection is to use POP before SMTP. This way, a user can only send mail over your hub if he/she first authorizes him/herself via a POP3 password. The normal caveats apply here (clear-text passwords, etc.). This method is independent of any IP address and could therefore be used by dialup users with dynamic IPs. Ask Google for more info; it's not very difficult to implement.

To get yourself started with anti-relaying, take a look at sendmail.org: http://www.sendmail.org/tips/relaying.html
TIA,
Francisco 'Paladino' Costa
Boris Lorenz <bolo@lupa.de>
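The three relay policies discussed in the thread (a RELAY entry keyed on the sender's domain, one keyed on the local network prefix, and POP-before-SMTP for dialup users) side by side, as an added example that is not code from either poster. It is a small Python model of sendmail-style access-table decisions, not sendmail's own rule set: the matching rules are a simplification, and the IP addresses, sender and recipient names, and the `relay_mail_from` and `popauth_ips` parameters are assumptions of the example. One caveat worth knowing when reading it against a real sendmail: a bare `mydomain.com RELAY` entry is matched against the recipient domain and the connecting host's resolved name; matching it against the envelope sender, which is the check a forged MAIL FROM defeats, is what FEATURE(`relay_mail_from') switches on, and the model exposes that as a flag.

```python
"""Model of sendmail-style access-table relay decisions.

Added example for this thread, not code from the original posts. The
matching rules are a simplified model of sendmail's access_db; the
addresses and names below are constructed for the demonstration.
"""
from typing import Dict, Iterable, List, Tuple

# Constructed access files in /etc/mail/access syntax: key, whitespace, action.
ACCESS_BY_DOMAIN = "mydomain.com\tRELAY\n"   # the original, weak entry
ACCESS_BY_NET = "192.168.0\tRELAY\n"         # the replacement: our own network

ATTACKER_IP = "203.0.113.5"   # constructed: some host on the Internet
INSIDE_IP = "192.168.0.10"    # constructed: a workstation on our LAN
DIALUP_IP = "198.51.100.77"   # constructed: a user on a dynamic dialup address


def parse_access(text: str) -> List[Tuple[str, str]]:
    """Return (key, action) pairs; blank and comment lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, action = line.split(None, 1)
        entries.append((key.lower(), action.strip().upper()))
    return entries


def is_ip_key(key: str) -> bool:
    """A key made only of dotted decimal octets is matched against the client IP."""
    return all(part.isdigit() for part in key.split("."))


def ip_matches(key: str, client_ip: str) -> bool:
    """'192.168.0' covers 192.168.0.0 to 192.168.0.255 (dotted-prefix match)."""
    prefix = key.split(".")
    return client_ip.split(".")[: len(prefix)] == prefix


def domain_matches(key: str, name: str) -> bool:
    """'mydomain.com' covers mydomain.com and every host beneath it."""
    name = name.lower()
    return name == key or name.endswith("." + key)


def address_domain(addr: str) -> str:
    """Domain part of an envelope address such as '<user@host.example>'."""
    return addr.strip("<>").rsplit("@", 1)[-1].lower()


def relay_decision(access_text: str, client_ip: str, mail_from: str, rcpt_to: str,
                   local_domains: Iterable[str] = ("mydomain.com",),
                   relay_mail_from: bool = False,
                   popauth_ips: Iterable[str] = ()) -> str:
    """Decide whether RCPT TO may be accepted for a message that would be relayed.

    Returns "LOCAL" (delivery to one of our own domains, never relaying),
    "RELAY:<reason>" or "REJECT".
    relay_mail_from models FEATURE(`relay_mail_from'): a domain RELAY entry is
    then also matched against the envelope sender, which is the check a forged
    MAIL FROM defeats (assumption of this model). popauth_ips models
    POP-before-SMTP as a plain set of recently authenticated client IPs.
    """
    rcpt_domain = address_domain(rcpt_to)
    if any(domain_matches(d.lower(), rcpt_domain) for d in local_domains):
        return "LOCAL"
    if client_ip in set(popauth_ips):
        return "RELAY:popauth"
    for key, action in parse_access(access_text):
        if action != "RELAY":
            continue
        if is_ip_key(key):
            if ip_matches(key, client_ip):
                return "RELAY:client-ip"
            continue
        # Domain key: relaying TO that domain is allowed...
        if domain_matches(key, rcpt_domain):
            return "RELAY:rcpt-domain"
        # ...and FROM it only when sender-based relaying is switched on.
        if relay_mail_from and domain_matches(key, address_domain(mail_from)):
            return "RELAY:sender-domain"
    return "REJECT"


def demo() -> Dict[str, str]:
    """Run the scenarios from the thread and return the verdict for each."""
    spoofed = ("anyone@mydomain.com", "victim@example.net")
    honest = ("me@mydomain.com", "friend@example.net")
    return {
        # Domain rule with sender-based relaying: a forged MAIL FROM is enough.
        "domain_rule_spoofed": relay_decision(ACCESS_BY_DOMAIN, ATTACKER_IP, *spoofed,
                                              relay_mail_from=True),
        # Network rule: the same forgery from outside is refused...
        "net_rule_attacker": relay_decision(ACCESS_BY_NET, ATTACKER_IP, *spoofed),
        # ...while a host on 192.168.0/24 relays with no sender check at all.
        "net_rule_inside": relay_decision(ACCESS_BY_NET, INSIDE_IP, *honest),
        # Dialup user: not in the table, so refused until a POP3 login is seen...
        "dialup_no_popauth": relay_decision(ACCESS_BY_NET, DIALUP_IP, *honest),
        # ...then allowed for that address (POP-before-SMTP).
        "dialup_popauth": relay_decision(ACCESS_BY_NET, DIALUP_IP, *honest,
                                         popauth_ips={DIALUP_IP}),
    }


if __name__ == "__main__":
    for scenario, verdict in demo().items():
        print(f"{scenario:20s} -> {verdict}")
```

The point the scenarios make is that the sender domain is chosen by the client, so a rule keyed on it authorizes whoever claims it, while the client IP is what the connection actually arrived from. The popauth set stands in for a real POP-before-SMTP database, which also expires each address after a short window; that expiry is left out of the model.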
participants (2)
- Boris Lorenz
- Francisco Costa