From: Terry Lambert
Message-Id: <199706262231.PAA08890@phaeton.artisoft.com>
Subject: Re: talking in SMTP
To: giles@nemeton.com.au (Giles Lean)
Date: Thu, 26 Jun 1997 15:31:22 -0700 (MST)
Cc: rblim@aht.com, hackers@FreeBSD.ORG
In-Reply-To: <314.867362072@nemeton.com.au> from "Giles Lean" at Jun 27, 97 07:54:32 am

> > I got some concerns about talking in SMTP. It seemed that people can
> > just use anonymous name or arbitrary name to send junk mail to other
> > people. Maybe bomb up your mailbox. Are there any ways to validify the
> > sender's email address in "talking in SMTP"?
>
> You are correct. SMTP provides for no authentication.

RFC821 (the SMTP protocol definition) provides for negative responses
to "HELO". Combined with RFC1859 (the ESMTP extension format
definition), it is possible to add authentication.

It is generally more useful to use RFC1846 ("521" error response) to
known SPAM IP address ranges and SPAM domain names, if given.

This allows you to give errors to spam sites on initial greeting, or
to SPAM sites after they identify themselves via "HELO" or "EHLO".

It is also permissible to give "550" error responses to the SPAM site
as it enters "RCPT TO:" commands to say "No access to mailbox".

> Mail relaying makes this almost impossible to do. Imagine if I sent
> this mail to my ISP first instead of directly to you; sendmail at the
> ISP would relay the mail to you and no amount of cross checking of
> incoming IP addresses and the mail envelope addresses would match.

Non-local addresses can be responded with "551 User not local". You
can give this response for a non-local source address, as well as a
non-local target address (ie: you refuse relaying).

					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
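
Added example, not part of the original post: a small Python model of the reply policy the message describes, giving 521 at the greeting or after HELO/EHLO, 550 at RCPT TO, and 551 for a non-local recipient. The block lists, the local domain, the function names and the choice to answer a listed envelope sender with 550 at RCPT time are assumptions made for illustration.

```python
import ipaddress

# Constructed policy data: documentation address range and example domains.
BLOCKED_NETS = [ipaddress.ip_network("192.0.2.0/24")]
BLOCKED_DOMAINS = {"spam.example"}
LOCAL_DOMAINS = {"example.org"}
REFUSE = "521 example.org does not accept mail from you"

def domain_of(arg):
    """Domain of the path in 'FROM:<user@host>' or 'TO:<user@host>'."""
    return arg.partition(":")[2].strip().strip("<>").rpartition("@")[2].lower()

def in_domains(name, domains):
    """True if name equals, or is a subdomain of, a listed domain."""
    name = name.strip().lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in domains)

def session(peer_ip, commands):
    """Return the server replies: the greeting, then one per command."""
    ip = ipaddress.ip_address(peer_ip)
    if any(ip in net for net in BLOCKED_NETS):
        return [REFUSE]                      # refused at the initial greeting
    replies = ["220 example.org ESMTP"]
    sender_blocked = False
    for line in commands:
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            if in_domains(arg, BLOCKED_DOMAINS):
                return replies + [REFUSE]    # refused once it identifies itself
            replies.append("250 example.org")
        elif verb == "MAIL":
            # Assumption: a listed envelope sender is answered at RCPT time.
            sender_blocked = in_domains(domain_of(arg), BLOCKED_DOMAINS)
            replies.append("250 OK")
        elif verb == "RCPT":
            if sender_blocked:
                replies.append("550 No access to mailbox")
            elif not in_domains(domain_of(arg), LOCAL_DOMAINS):
                replies.append("551 User not local")   # relaying refused
            else:
                replies.append("250 OK")
        else:
            replies.append("500 Command not recognized")
    return replies
```

As the quoted reply points out, the names given in HELO and MAIL FROM are whatever the client chooses to send, so only the connecting IP address in this model is something the server observes for itself.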