Refuse Relay to certain authenticated sessions
- From: guy <ambesch@xxxxxxxxx>
- Date: Mon, 18 May 2009 12:31:43 -0700 (PDT)
Dear all,
Currently my sendmail server relays email for my users when they
connect from their home (Access table allows IP based relaying) and it
relays their email when they connect from abroad if they use an
authenticated session. So far so good.
However as a quite significant amount of accounts and passwords of my
customer base have been disclosed recently, I would like to introduce
a file containing logins of compromised customers that the server
should refuse to relay the mails for, even if they authenticate
successfully (it may also simply reject the session, when
authentication with a login in this file is done). Otherwise -
surprise - the session is used to send unsollicited mails that bypass
a lot of traditional checks (because the session is authenticated, but
by a bot).
I checked the older mails in this newsgroup, but I only found
questions and answers about allowing relaying for authenticated
sessions instead of refusing it.
I had a look at the Bat book and at the sendmail rules for auth and
Trust. This made me belief, it should be possible to do what I am
looking for, but I am not experienced enough for writing the rules
myself.
Is there anybody who could give me a hint on writing a customized
sendmail.cf rule?
Many thanks in advance
Guy-Ambesch
.
- Follow-Ups:
- Re: Refuse Relay to certain authenticated sessions
- From: Clemens Zauner
- Re: Refuse Relay to certain authenticated sessions
- From: Rob
- Re: Refuse Relay to certain authenticated sessions
- Prev by Date: Re: mail redirection based on source domain
- Next by Date: Re: Refuse Relay to certain authenticated sessions
- Previous by thread: mail redirection based on source domain
- Next by thread: Re: Refuse Relay to certain authenticated sessions
- Index(es):
Relevant Pages
|
