|
Well, no, you don't have to do 'IP' filtering if you don't want to, and also no, modern SMTP servers, such as sendmail do not automatically come up in an open-relay configuration anymore. You can filter who you deliver mail for in many ways, one of the more common ones being to use control files that say you will allow filtering for this or that machine or this or that domain. While that may roughly be considered a form of IP filtering, it is not IP filtering like you would practice on a firewall. Check out the latest version of sendmail and the tons of configurations on it. The SMTP standards have drastically changed in the past 10 years, mostly due to those dratted e-mail spammers. -Paul ----- Original Message ----- From: "Brad Jensen" <brad@elstore.com> To: <midrange-l@midrange.com> Sent: Thursday, November 22, 2001 1:23 AM Subject: Re: fix.your.open.relay.or.die.net > > ----- Original Message ----- > From: "David & Eileen Keck" <bstars@optonline.net> > To: <midrange-l@midrange.com> > Sent: Wednesday, November 21, 2001 5:24 PM > Subject: Re: fix.your.open.relay.or.die.net > > > > While putting this to bed I'd like to see how you tucked the > covers in ... > > i run outlook express as my client ... for each mail account > there is an > > option to specify an smtp server user id and password ... > probably you have > > specified this, right ? If not, then if i know your smpt server > address, and > > given all u state below, what;s to stop me from using it ? - > Dave K. > > Yes, I am in the dark on what he is using to prevent any person > from sending mail thru his SMTP server. > > If he is not using SMTP passwords (and the normal state is not to > require them) then anyone can connect to him and send mail thru > him. Unless he does IP filtering. > > As I said before, if you use the SMTP servers in their normal > state according to the RFCs, you are allowing anyone to connect to > you and send mail, unless you do IP filtering. If you do use a > password on the SMTP connection, you are going beyond the RFCs. > > For those who are not familiar with all this, SMTP is the outbound > email server you use to send mail. POP3 is the inbound mail server > you use to read mail. The normal configuration has been that you > need a password to receive mail, but you are not asked for a > password to send mail. Some spammers have used this, or a similar > ability that allows one SMTP server to forward mail for another > SMTP server, to send emails. > > Some people, upset with this, have started using programs that > probe ip addresses on the web for a functioning SMTP server. They > then try to connect to your mail server as an SMTP client or as an > SMTP server asking your server to relay mail. If your server > follows the rules and lets them attach, they mark your server as a > potential spam source, even if it has not been used for this. > > Other people write their email servers with the ability to scan > the lists of potential spammers. (I've always heard these called > 'black hole lists'). If your server is on it, they reject your > email. > > Technically speaking, the people creating these lists are hacking > your server, and compounding that by interfering with > acommunication by wire. No one has threatened them with jail time > that I know of, but some of the organizations that do this have > had to move outside the USA or even shut down. > > One of these lists targeted one of my servers a year or so ago, > and a certain university still wont pass email to me even to this > day. We 'fixed' (actually broke, in terms of the RFC) our servers > to conform to the extortion by the black holers as soon as we > became aware of the problem a year or so ago. > > You have to do either smtp password protection (which some email > clients now support) or ip filtering to satisfy these vigilantes. > My network admin chose the latter, probably because the smtp > clients didn't have password as an option back when we did it. > > I'd like to send a bill to the bleepety bleeps who set this up. > I've gotten used to dialing into my home server long distance when > I'm on the road, but it sure makes the Internet look like a square > wheel. > > And no matter what their wonderful intentions are, the guys who > did this are outlaws. > > > > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > or email: MIDRANGE-L-request@midrange.com > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.