On Mon, 2008-08-04 at 10:56 +0200, [EMAIL PROTECTED]
wrote:
> Hallo ram,
>
> Op vrijdag 01 augustus 2008 schreef ram aan [EMAIL PROTECTED]:
>
> >> Occasionally external systems are tying to send mail with a
> >> faked sender address via my system. So far no harm is done,
> >> ad they have not been able to create a real user name. But
> >> I would like to stop them before they use my mail system,
> >> as soon as they make contact. How can I do this?
> ra> I dont see any reason for you to worry. You are doing a
> ra> reject_unauth_destination already
>
> It's not the destination I'm worried about, it's the sender.
> There is a [small] possibility that the culprit guesses a real
> user name on my system and then sends spam or other unpleasant
> things across the world. I would not like that...
>
Enable smtp authentication. Allow only authenticated users of your
domain to send to outside world. A spammer can guess the username but
cant get the password
( I am assuming you dont allow the "username=password" on your
machine :-) )
