First, sorry the thread got away, I was thinking that the issue was related not trying to steal it...
I read my maillogs and see that relaying is denied when I see the attempts. However sometimes I get mail delivery errors for emails I haven't sent? What I was thinking is that someone could do a telnet in to my port 25 and use my domain to send from... (as if the user where from my domain...)
Thanks,
James
For users of Fedora Core releases <fedora-list@xxxxxxxxxx> wrote:
> On Fri, 2004-07-23 at 12:23, James Marcinek wrote:
> > I'm no
expert at this but I did some reading and was under the
> > impression
that people will use your mail server to send emails and
> > that
there's not a lot that can be done about it. I would definitely
> >
like to be proven wrong with this. The simply script something to
> >
telnet into your mail port and send emails... These emails are
> >
generated from your server so even setting your email to send only
> >
from your domain does not protect you. Is anyone listening that could
>
> shed some more light on this?
> >
> > Thanks,
>
>
> > James
>
> What you are describing is an email
relay. Most systems today ship with
> relaying disabled (including all
linux distros that I know of). If you
> have an open relay it will be
found by the spammers and used. This is
> one reason to be very careful
and sure of what you are doing when
> modifying sendmail or one of the
other MTAs available for linux.
>
> If you have not modified your
systems MTA configuration you should be
> fine.
>
> At work I
see literally hundreds of attempts per day to relay email
> through our
mail server. Each one of them is denied.
>
> If you have any doubts
about your servers setup do some reading on your
> particular MTA. You can
also test this by simply telneting to port 25
> of your server and issuing
the following commands when you get a
> connection:
>
> helo
testdomain.com
> mail from: badspammer@xxxxxxxxx
> rcpt to:
hapless@xxxxxxxxxx
> data
> this is test data
