On Monday 11 January 2016 at 19:57:28, Justin Edmands wrote:
> We have seen a few messages that were allowed to be sent "on be half of" a
> user within our network.
How are you authenticating which users are allowed to send through your relay?
> The external users domain was able to send through our relay and sort of
> spoof the user. Any way to use spamassassin to prevent this sort of this?
No; you should either be accepting relayed mail only from your internet
network range, or from SMTP-Authenticated users, or from VPN connections, etc.
Allowing outbound email which claims to be from one of your addresses, but
isn't actually validated as being from an authentic user, is a rather bad
setup.
Antony.
--
"In fact I wanted to be John Cleese and it took me some time to realise that
the job was already taken."
- Douglas Adams
Please reply to the list;
please *don't* CC me.
