Security Basics mailing list archives
RE: Sendmail 8.11 configuration/security issue
From: <john65 () pobox com>
Date: Fri, 3 Jan 2003 22:00:57 -0500 (EST)
I think the original sender and several of the respondents may be confusing 'spam with forged headers' with 'open relaying.' The original question was not about his relay being hijacked to send spam, it was about mail coming IN to his company xyz.com for joe () xyz com purporting to be from another sender at xyz.com when it really came from somewhere else. That's NOT open relaying, that's forging headers and there's not much you can do about it without breaking things (What if mary () xyz com wants to use her xyz.com return address when she's sending mail from home to joe () xyz com via her local ISP dialup -- Why would you want to block that?) What's the difference if incoming spam has one forged address or another anyway? It's still spam! 'Switching to Postfix', using a 'content security gateway,' or 'TLS' are not going to solve this problem (forging of email headers).
Current thread:
- Sendmail 8.11 configuration/security issue oobs3c02 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue simsjs (Jan 03)
- Re: Sendmail 8.11 configuration/security issue john65 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Don Voss (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Timothy M. Lyons (Jan 06)
- <Possible follow-ups>
- RE: Sendmail 8.11 configuration/security issue Keith T. Morgan (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Wahyu Kelik (Jan 05)
- RE: Sendmail 8.11 configuration/security issue john65 (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)