Saturday, July 4, 2015

smtp - Make sendmail require authentication for mail from local domains

Server is running sendmail 8.14




From any machine:



$ telnet mydomain.com 25
HELO mydomain.com
MAIL FROM: 
RCPT TO: 
DATA
this is spam
.



How do I require authentication for any mail that claims to be from a local domain?



This seems like a no-brainer anti-spam feature.



FROM         TO           RESULT
any          non-local    "Relaying denied. Proper authentication required."
non-local    local        success [1]
local        local        success [2]



[1] This is acceptable. Outsiders can send to local users without any kind of authentication. Various DNS checks can be done.



[2] This is the problem. Why should I allow anyone to mail a local user while claiming to be a local user?

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...