Hello,
we have a small game server and for adminstration, questions by players and so on we have a small Email server - Mercury 4.72.
Runs like a charm - but...
Staff (people who help me running our game server) are allowed to relay Email, so that players see the Email as coming from our domain. Everybody is allowed to send us Email, from the internet to local Email addresses. This works well, especially since I upgraded to 4.72.
Before upgrade I saw a lot of Spam, where the 'From:' line was faked, so that it looked as if one of us had sent the Email. This disabled our Spam control.
Now with 4.72 I use the following configuration:
Relaying Email is only allowed for authenticated SMTP connections - so we can use our server to send Email.
SMTP configuration tab 'Connnection control' has under relaying control
'Use strict local relaying rstrictions' - YES
' Authenticated SMTP connections may relay mail' - YES
'Only authenticated SMTP connections may relay mail' - NO
Now we have a mailing list configured, which is essentially an address like list_name@myhost.com and internally it is distributed to several local users. Everybody can send to this list, and all configured members receive the mail.
Now Spammers are sending to this list, in this form
From: Rolex.com <list_name@myhost.com>
To: <list_name@myhost.com>
...
They seem to disable the local restriction, because they fake the 'From' address. What am I doing wrong?
Spam-mail with faked From-Lines (which emulated local, by using the same name as the Spam-addressee) have stopped, but with the list it continues.
Should I use
'Only authenticated SMTP connections may relay mail' - YES ?
Will we be able to send and receive mail normally with this configuration?
Thank you!
Jupiter11
<p>Hello,</p><p>we have a small game server and for adminstration, questions by players and so on we have a small Email server - Mercury 4.72.</p><p>Runs like a charm - but...</p><p>Staff (people who help me running our game server) are allowed to relay Email, so that players see the Email as coming from our domain. Everybody is allowed to send us Email, from the internet to local Email addresses. This works well,&nbsp; especially since I upgraded to 4.72. </p><p>Before upgrade I saw a lot of Spam, where the 'From:' line was faked, so that it looked as if one of us had sent the Email. This disabled our Spam control.</p><p>Now with 4.72 I use the following configuration:</p><p>Relaying Email is only allowed for authenticated SMTP connections - so we can use our server to send Email.</p><p>SMTP&nbsp; configuration tab 'Connnection control' has under relaying control</p><p>'Use strict local relaying rstrictions' - YES</p><p>' Authenticated SMTP connections may relay mail' - YES</p><p>'Only authenticated SMTP connections may relay mail' - NO</p><p>Now we have a mailing list configured, which is essentially an address like list_name@myhost.com and internally it is distributed to several local users. Everybody can send to this list, and all configured members receive the mail. </p><p>Now Spammers are sending to this list, in this form</p><p>From: Rolex.com &lt;list_name@myhost.com&gt;</p><p>To:&nbsp; &lt;list_name@myhost.com&gt;</p><p>...</p><p>They seem to disable the local restriction, because they fake the 'From' address. What am I doing wrong? </p><p>Spam-mail with faked From-Lines (which emulated local, by using the same name as the Spam-addressee) have&nbsp; stopped, but with the list it continues.</p><p>Should I use&nbsp;
</p><p>'Only authenticated SMTP connections may relay mail' - YES ?</p><p>Will we be able to send and receive mail normally with this configuration?</p><p>Thank you!</p><p>Jupiter11
</p><p>&nbsp;</p>
