From owner-freebsd-questions@FreeBSD.ORG Sun Aug 15 20:16:01 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5D97A10656A3 for ; Sun, 15 Aug 2010 20:16:01 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es [85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id 165DF8FC19 for ; Sun, 15 Aug 2010 20:16:00 +0000 (UTC) Received: from beta.local (unknown [80.150.105.138]) by mail.locolomo.org (Postfix) with ESMTPSA id 5801C1C0871 for ; Sun, 15 Aug 2010 22:15:59 +0200 (CEST) Message-ID: <4C684AFD.5030607@locolomo.org> Date: Sun, 15 Aug 2010 22:15:57 +0200 From: Erik Norgaard User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.8) Gecko/20100802 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <201008142113.o7ELDsin018314@mail.r-bonomi.com> <20100815152031.D72621065675@hub.freebsd.org> In-Reply-To: <20100815152031.D72621065675@hub.freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Open Mail Relay X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Aug 2010 20:16:01 -0000 On 15/08/10 13.57, peter@vfemail.net wrote: > Assume, as Mr. Bonomi suggests, that some bad guy has installed some type of additional mailer on the machine or another machine that's allowed to relay mail. How would I go about locating that other mailer? If the messages are indeed relayed through your server then you can see it in the logs and in the Received header field which host is sending the mail to your server. If somebody forges mail to appear to come from your domain, but not relayed through your server there is really not much you can do. Only the recipient server can reject the mails. Some servers support spf and you can help other servers know that mail from your domain must originate from your server by adding a txt entry in your dns. BR, Erik