From owner-freebsd-current Thu Jul 24 16:35:33 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA01767 for current-outgoing; Thu, 24 Jul 1997 16:35:33 -0700 (PDT) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.50]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id QAA01762 for ; Thu, 24 Jul 1997 16:35:31 -0700 (PDT) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id QAA18538; Thu, 24 Jul 1997 16:31:16 -0700 From: Terry Lambert Message-Id: <199707242331.QAA18538@phaeton.artisoft.com> Subject: Re: (over)zealous mail bouncing To: Anthony.Kimball@East.Sun.COM Date: Thu, 24 Jul 1997 16:31:16 -0700 (MST) Cc: jas@flyingfox.com, terry@lambert.org, current@FreeBSD.ORG In-Reply-To: <199707242253.RAA01999@compound.east.sun.com> from "Tony Kimball" at Jul 24, 97 05:53:44 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > : Seems like it would be nice for those implementing such a policy to > : allow chopping of subdomain prefixes; e.g., if getpeername/gethostbyaddr > : return foo.bar.acme.com, and the envelope sender is joebob@acme.com, > : then it's OK. Or is that too loose? > > And multiple names. MAIL FROM: jimbob@client.domain.com will often > come from isp.domain.net. And non-Internet paths. > > What about networks that do not use symbolic host names? In both these cases, you must use a "smarter host" that explicitly allows your mail. There are two types of filtering wich occur at a smarter host: 1) Relay filtering Given your getpeername/gethostbyaddr[/gethostbyname] on initial connection to validate you are not a SPAMmer, and filtering on "HELO domain" and "MAIL FROM:" for the same reason, the "RCPT TO:" is checked to see if it is a local address, or one which must be forwarded. If it must be forwarded, only allowed source hosts are permitted to forward. For ISP's, this boils down to an IP address in the range of IP addresses that the ISP dynamically or statically assigns to their customers who pay for relay services. The intent is to prevent the relay of SPAM by a SPAMmer through your machine, making you the target of mailbombs, etc., by upset users (also denial of service for your legitimate customers, etc.). 2) Local address filtering Given the same verified source and address information, you determine if you want to accept the mail for a local user. This allows you to comply with court orders against ISP participation in ISP client harrasment by an outside person or agent. You may not want to prevent the outside agent from sending mail *through* your system, only *to* it. Regards, Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.