[unisog] Rejecting incoming mail with from addresses in your own
epancer at security.depaul.edu
Tue Jul 22 22:16:02 GMT 2003
On Tue, 2003-07-22 at 10:47:08 -0700, Steve VanDevender proclaimed...
> Generally not a good idea. The main problem is that on most OSes the
> stunnel connection is seen coming from localhost by your mail server,
> bypassing any relay checks or IP-based connection restrictions you might
> have. (I think maybe stunnel on Linux does some kind of trick to make
> the remote address look the same to your mail server as it does to
> stunnel). Spammers are already searching out machines with TLS and weak
> (or no) authentication to inject spam through.
Not entirely true.
Jul 1 00:11:04 mailhost stunnel: spop3 connected from 10.31.113.234:49807
On my spop3 server using stunnel, the above output shows the remote
Eric Pancer . Computer Security Response Team . DePaul University
| PGP = C0 22 49 91 41 E5 51 E7 68 3C F7 65 62 F7 7F 8E 7A CB CF F3 |
More information about the unisog