RE: again.. how to stop spam relaying?
That looks like that's got it.
Thanx again Matti!
Keep up the great work.
I owe you!
> -----Original Message-----
> From: mea@nic.funet.fi [SMTP:mea@nic.funet.fi]
> Sent: Tuesday, February 10, 1998 7:26 AM
> To: TrevorPaquette@mcc.net
> Cc: zmailer@nic.funet.fi
> Subject: Re: again.. how to stop spam relaying?
>
> ...
> > All of the above looks ok.. BUT my default boiler plate section is
> > different..
> > ALL of those lines that you have listed below are commented out.
> > When would you want to use each alternate case? What does each
> > actually do?
>
> Ok, I will try to elaborate. I added more comments there,
> and placed a copy below.
>
> > > It must be about a problem in the smtp-policy.src boilerplate then.
> > > Here is my standard-issue boilerplate as it is in the source tree:
> (well, an extract from it, of course)
>
> #|-----------
> #|
> #| Default handling boilerplates:
> #|
> #| "We are not relaying between off-site hosts, except when ..."
> #|
> #| You MUST uncomment one of these default-defining pairs, or the blocking
> #| of relay hijack will not work at all !
> #|
> #| -- 1st alternate: No MX target usage, no DNS existence verify
> #| Will accept for reception only those domains explicitly listed
> #| in 'smtp-policy.mx' and 'localnames' files. Will not do
> #| verifications on validity/invalidity of source domains:
> <foo@bar>
> # . relaycustomer - relaytarget -
> # [0.0.0.0]/0 relaycustomer - relaytarget -
> #| -- 2nd alternate: No MX target usage, DNS existence verify
> #| Like the 1st alternate, except will verify the sender (mail from:<..>)
> #| address for existence of the DNS MX and/or A/AAAA data -- e.g. validity.
> # . relaycustomer - relaytarget - senderokwithdns +
> # [0.0.0.0]/0 relaycustomer - relaytarget - senderokwithdns +
> #| -- 3rd alternate: MX relay trust, DNS existence verify
> #| For the people who are in deep s*... That is, those who for some
> #| reason have given open permissions for people to use their server
> #| as MX backup for their clients, but don't know all domains valid
> #| to go thru... Substitutes accurate data to user's whimsical DNS
> #| maintenance activities. Vulnerable to inbound resource abuse.
> . relaycustomer - acceptifmx - senderokwithdns +
> [0.0.0.0]/0 relaycustomer - acceptifmx - senderokwithdns +
> #| -- 4th alternate: Sender & recipient DNS existence verify
> #| This is more of an example for the symmetry's sake, verifies that
> #| the source and destination domains are DNS resolvable, but does not
> #| block relaying
> #. senderokwithdns - acceptifdns -
> #[0.0.0.0]/0 senderokwithdns - acceptifdns -
> #|
> #| Also you may add 'test-dns-rbl +' attribute pair to [0.0.0.0]/0
> #| to use Paul Vixie's http://maps.vix.com/ MAPS RBL system.
> #|
> #| These rules mean that locally accepted hostnames MUST be listed in
> #| the database with 'relaytarget +' attribute.
> #|
> #|-----------
>
> /Matti Aarnio <mea@nic.funet.fi>
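
The boilerplate quoted above requires one default pair ("." and "[0.0.0.0]/0") to be uncommented. The following check is an added example, not part of the original thread or of ZMailer itself: it lints a policy file's default section against the comments in that boilerplate. The function names and the sample input are assumptions made for illustration, and the file is treated as whitespace-separated "key attribute value ..." lines as shown in the quote.

```python
# Added example: lint the default section of a ZMailer smtp-policy.src file.
# Function names are hypothetical; findings restate the boilerplate's own comments.
DEFAULT_KEYS = (".", "[0.0.0.0]/0")

# Constructed sample input: 1st alternate commented out, 3rd alternate active.
SAMPLE = """\
#| -- 1st alternate
# .             relaycustomer - relaytarget -
# [0.0.0.0]/0   relaycustomer - relaytarget -
#| -- 3rd alternate
.               relaycustomer - acceptifmx - senderokwithdns +
[0.0.0.0]/0     relaycustomer - acceptifmx - senderokwithdns +
"""

def active_defaults(text):
    """Map each default key to the attribute dicts of its uncommented entries."""
    found = {key: [] for key in DEFAULT_KEYS}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments ("# .", "#.", "#|") and non-default keys.
        if not fields or fields[0].startswith("#") or fields[0] not in DEFAULT_KEYS:
            continue
        attrs = fields[1:]
        if len(attrs) % 2:
            raise ValueError(f"odd attribute/value count: {line!r}")
        found[fields[0]].append(dict(zip(attrs[::2], attrs[1::2])))
    return found

def audit(text):
    """Return a list of findings; an empty list means one clean default pair."""
    findings = []
    for key, entries in active_defaults(text).items():
        if not entries:
            findings.append(f"{key}: no default uncommented, relay blocking will not work")
        elif len(entries) > 1:
            findings.append(f"{key}: {len(entries)} defaults uncommented, keep exactly one")
        for attrs in entries:
            if "acceptifmx" in attrs:   # 3rd alternate
                findings.append(f"{key}: acceptifmx default is vulnerable to inbound resource abuse")
            if "acceptifdns" in attrs:  # 4th alternate
                findings.append(f"{key}: acceptifdns default does not block relaying")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```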