Ok after trying for 3 days to get postfix with cyrus-sasl and mysql working i finally gave up, and followed the sugestion of one good buddy of mine to install qmail. Following the install tutorial and scripts at www.qmailrocks.com.
I was using mandrake and was somehow discouraged by the lack of guides for this distro but hey redhat is like mandrake so maybe i'll get an error compiling some stuff but at least i'll have a clear conscience. Not the case as it installed quite nice, error free(nice tutorial... if every program had scripts like this i wouldn't grow so many white hairs).
Went for vpopmail with mysql since i use this database for programing and i thought i'd manage. Installed also courier imap as shown in the tut. Ok everything worked smoothly. Next day at work created a mail for myself email@example.com
and one named firstname.lastname@example.org
for the marketing dude.I started Outlook in Windows and created the accounts. Not paying enough attention, i typed at my acount the email address email@example.com
but at acount name firstname.lastname@example.org
and the password and selected my server requiers authentification and log in with email@example.com
and same password. So i use the marketing email but the acount and password drakon(say any ordinary user who has an acount and password). When i sent a mail i received it at my yahoo acount as coming from marketing. Ok my problem i said.
But then i tried my friend's server which compiled vpopmail without mysql. He gave me an acount for testing when i was undecided to go for qmail to try it out and i also knew he had the firstname.lastname@example.org
for sending official emails. So same move: email acount email@example.com
but the acount and authentification: firstname.lastname@example.org
with the password he gave me for the test acount. I sent him an email saying that his firm was having financial troubles and that he advises the reciever of the email to contact another firm. The mail came from email@example.com
and of course he was as worried as me.
So it seams that anyone who has an ordinary email acount on the server can send emails in the name of the system administrator or any department for example.
My question? Is there something i can do?Anyone has same problem? Can't figure out much from the logs since they are full of: Check for proper operation and configuration of the File Access Monitor daemon (famd). I know that famd must be started, but this doesn't start although portmap is started. But i don't think that this email spoofing would be reported in the errors logs..
Hope anyone has a solution and thanks for the time reading.