Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 13 Sep 2003 13:03:23 -0500
From:      Gary <gv-list-freebsdquestions@mygirlfriday.info>
To:        questions@freebsd.org
Subject:   Re: Not quite mail relay
Message-ID:  <159587218.20030913130323@mygirlfriday.info>
In-Reply-To: <A99A5AC30F74624388EE5F757BA58A2026C725@RED-MSG-50.redmond.corp.microsoft.com>
References:   <A99A5AC30F74624388EE5F757BA58A2026C725@RED-MSG-50.redmond.corp.microsoft.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hello Derrick,

Saturday, September 13, 2003, 12:02:01 PM, you wrote:

D> I am looking for a way to further secure a mail server.

A mail server is either secure or not, not half way... it's like being
half pregnant.  If you installed qmail properly and from lifewithqmail.org
it is secure by default.

D> It isn't an open rely, but when others try to use it as such with bad
D> return addresses, a small flood of rejection mail end up on the bad
D> addressed server.

Is it at your server?  If not so ..

Spammers forge return addresses all the time. This has nothing to do with
qmail.  If they are using a forged return address, they are not using your
server.

D> Ex.
 
D> To: blah@msn.com
D> From: fake@hotmail.com
 
D> hotmail ends up with a ton of bounce msgs

Bounces are a normal part of email life.

D>  and thinks the server is a relay.

No they don't. Email admims look at the last sender IP address in the
headers, which is the only valid address, all others are usually forged.

D> How would I go about just dropping those msgs completely?

Are you saying you are getting bounced messages from your domain, or are
you getting messages from hotmail, just what are you saying.. Are they
coming from one source, one From sender, what?
 
D> Qmail is the mail server, but I was hoping someone would have an idea.

Yes, but you have to provide more info rather than speculate on what you
are having  a problem with.  Are you an open relay? Check your logs? If
so, something is not configured properly.  If you are just getting bounces
from your own domain, and someone is forging your domain as the sender or
return address in their spam, that is called a Joe-Job.

-- 
Best regards,
 Gary 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?159587218.20030913130323>