[unisog] Rejecting incoming mail with from addresses in your own domain.

Eric Pancer epancer at security.depaul.edu
Tue Jul 22 22:16:02 GMT 2003


On Tue, 2003-07-22 at 10:47:08 -0700, Steve VanDevender proclaimed...

> Generally not a good idea.  The main problem is that on most OSes the
> stunnel connection is seen coming from localhost by your mail server,
> bypassing any relay checks or IP-based connection restrictions you might
> have.  (I think maybe stunnel on Linux does some kind of trick to make
> the remote address look the same to your mail server as it does to
> stunnel).  Spammers are already searching out machines with TLS and weak
> (or no) authentication to inject spam through.

Not entirely true.

Jul  1 00:11:04 mailhost stunnel[465]: spop3 connected from 10.31.113.234:49807

On my spop3 server using stunnel, the above output shows the remote
host.

-- 
Eric Pancer  .  Computer Security Response Team  .  DePaul University
| PGP = C0 22 49 91 41 E5 51 E7 68 3C F7 65 62 F7 7F 8E 7A CB CF F3 |



More information about the unisog mailing list