[Dshield] Re: Dshield digest,
swimmer at dwhite.ws
Tue Mar 12 18:22:45 GMT 2002
Obviously you have your email server software set up to "relay for anyone."
It is imperative that you disable this function. Additionally, there should
be a setting to enable relaying for "authenticated users only." That
should be enabled. The next step is to deny NULL senders (<>)
These are general instructions, becasue you did not indicate what server
software you are using for your email.
The above are clear for Ipswitch Imail server, and the settings are similar
For Linux sendmail, there are requirements for scripting (readily available)
to add to put in those restrictions.
I can go into more detail if I know what software you are using.
> Message: 8
> From: James Jarvis <james.jarvis at quest-media.com>
> To: "'list at dshield.org'" <list at dshield.org>
> Date: Tue, 12 Mar 2002 15:56:16 -0000
> Subject: [Dshield] Exchange 5.5
> Reply-To: list at dshield.org
> Hi There,
> I have only just signed up to this list after a recomendation from a
> of Web Disucussion list, I have a question, and he though you could all
> me! The Problem is as follows
> Our server here has been targeted for the last week by spammers. Some of
> time the message originates from a Yahoo or Hotmail Account, other times
> they have bloked their address and it is displayed as < >.
> Even though we operate about 40 domain names on this server, everyone (Who
> should) be sending out mail is sending it from a CDentral domain.
> Does anyone know how to block OUTGOING messages unless sent from
> *@ourdomain. We have already been blaklisted by our ISP's twice in the
> week for sending unsolicittated mails evenb thougfh we had no idea what
> happened. Also, 7/10 messages are bouncing back when we send them because
> our ISP Policing what we are sneding out.
> If any one has any alternative ideas, or comments, I would really
> Any help much appreicated,
More information about the list