On Tue, 2007-03-06 at 15:55 +0000, Steve Searle wrote: > I understood the firewall has to be open to allow sendmail to accept > email from the internet, and that could be email for the domain, or > email for other domains, and the firewall can't differentiate. That's the first step. The firewall passes through attempts to connect to your SMTP server, and doesn't know right from wrong usage, as you've surmised. You can firewall against certain IPs, if you were able to determine that they were only abusive in nature, but that can be a difficult task (the abusers might come from different sources, and you can end up blocking non-abusers). Some ignorant admins will do that, throwing the baby out with the bathwater, stupidly believing that they're not creating a problem. > Which is why sendmail needs to be configured to not accept email for > domains other than those that are specifically intended. Correct. Firewalls only affect network connections, the applications need to be configured to do their job properly. It doesn't matter if disallowed things *attempt* to use your SMTP server, it does matter if they succeed. Of course you'll get a lot of attempts, and need to be able to handle that. I think it was about 60,000 spam attempts an hour that a local BBS had to contend with, years ago, when they put themselves on the net. Numbers will vary, but it indicates the huge potential for abuse that you might have to deal with. Some abusers will go hunting for SMTP servers and keep hammering away at it, they won't give up if they don't get anywhere, they'll just keep on abusing you. -- (This PC runs FC4, my others FC5 & FC6, in case that's important to the thread) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
