On Sun, 18 Mar 2012, Reindl Harald wrote:
Am 18.03.2012 19:27, schrieb Rachid Abdelkhalak:
If it's not possible, Is there any additional filters can i apply authenticate
users trying to use SMTP Commands to
send emails from the server using Telnet port 25?
there is simply no differnce between telnet and any other MUA
you have restricted relay for authenticated users (hopefully
or you should shut down the machine) or not, the MTA is not interested
in which client submits a message
I'm using SMTP Auth for all connections coming from networks NOT in mynetworks.
When i'm using a clinent such as
Outlook, Alpine... from an IP not in mynetworks, i'm prompted fot
authentication. But when i'm doing a telnet from
the same IP, i'm not and i'm allowed to send emails from my CEO
@myowndomain.tld to any address for example.
i guess you do not understand SMTP Authentication
Maybe, i'm counting on you to have things more clear
you are NOT prompted if the RCPT is in your own domains
this is because you are not try to relay
that way mail delivery works from other MTA's
The RCPT is not in my domain.
For example, if i connect to my server
telnet myserver 25
ehlo
mail from:<my...@mydomain.com>
rcpt to:<externaladdr...@otherexternaldomain.com>
data
This is a test, please do not respond
.
quit
With this test, i was able to send email from my CEO address to an
external email address using my server.
That's what i'm trying to prvent.
Thank you
again: there is no difference between telnet and any other MUA
spoofing protections has nothing to do with SMTP Auth
