Hi,

I have recently been having problems with spammers relaying thru my mail server, I have followed all the security precautions to prevent relaying but somehow it is still happening, typically the emails
are addressed to a fictional name in my domain eg. prisint9862@mydomain.com from an address like investmentalert@mydomain.com. The emails are typically ccd to hundreds of aol.com emails which has not made me popular with that particular domain. Can anyone recommend how to stop this relaying? In my access file I have:

localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY

How do I deny relaying by localhost etc but allow a few valid addresses to send?
Is there anything else I should do/look at ?

I am running RH 2.4.21-20, RHEL ES Release 3.1, Sendmail 8.12.11-4

thanks,
Al

Using Sendmail. Brave. I'll just dump some links from my thoughttracker. YMMV, auth-before-anything could help:
Sendmail AUTH using SASL: Sendmail Authentication: http://www.linux-sxs.org/internet_se...smailauth.html.
Sendmail AUTH using SSL: Configuring Sendmail's STARTTLS (SSL) and Relaying: http://www.ofb.net/~jheiss/sendmail/tlsandrelay.shtml
Using SMTP AUTH/STARTTLS: http://www.sendmail.org/~ca/email/st...#starttlssetup

what if you just install postfix? does that not do both send and recieve i have it seutp and works perfect also can track what is going on.


Do not like sendmail

Nothing wrong with using sendmail.

Sendmail by default does not allow relaying. To allow relaying you allow in either "access" or relay-domains file.

* If a mail is addressed to a person whose account is on the server where sendmail is running then it will be allowed by default.

* If a mail is originating from an account your server where sendmail is running then it will be allowed by default.

* If someone in xyz domain uses your sendmail to send a mail to pqr domain then it will be denied by default.

Since the email is coming to an account on your server, it is accepted by default.

Does the account investmentalert@mydomain.com exist on your server?

Look in your maillog (/var/log/maillog) and see what sendmail is doing.


Best thing to do is add authentication on your mail server. All the information is on sendmail.org. Look for SMTP AUTH. Any user who has an account on the server will need to authenticate for sending any emails.

thanks for that, I will look at adding smtp auth.
I am receiving emails from 'any random prefix'@mydomain.com so it can't be a rogue account.

I can send mail but not receive using sendmail


I define(`SMART_HOST',`mail.myISP.com') to let my ISP mail server to handle mails.

This is my maillog (/var/log/maillog) and see what sendmail is doing.

Please point out the problems. Thank you.