Kuschel Sebastian wrote:
Hi everybody,
I did install dbmail currently, and it works fine, but how can I
prevent my server from being used as a spam-mail source (the server is
in a public server-farm). Furthermore I cannot limit the acceptable
IP-range, 'cos users from around the world have to have access to the
mail server.
First off you should really delve into the anti-spam measures available
in your MTA. This is not a dbmail issue,
but a general MTA issue.
generally speaking however:
- make sure you mta doesn't relay for destination domains not under your
control. Refuse to relay for domains
other than those you explicitly wish to relay for.
- use RBLs (real-time-blackhole-lists) to block access from known
spam-networks. I've used sbl.spamhause.org
quite succesfully.
This will still leave you somewhat vulnarable to spammers who target
valid local domains on your server, whilst faking
local From headers. But believe me: you won't get blackholed for that.
However, if you leave your server open for relaying
you will (probably sooner than later) find yourselve blocked by one or
more RBL lists. And that will hurt your business.
Finally, I seriously disagree with your assumption that since users from
around the world must be able to access
your server you conclude that they all need port 25 access. Users rarely
need access to any other smtp server other than
the one provided by their access provider, be that a dialup or dsl
provider. Only users on a mobile device are known to
require access to remote smtp servers on their company networks. For
those there are several authentication mechanisms
available, notably: pop-before-smtp and sasl. Both are supported by
dbmail/postfix if you're using mysql. If you're using
postgres you're stuck with sasl unless you are willing to recompile
you're own postfix with postgres support.
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
