Security Basics mailing list archives
Re: Sendmail 8.11 configuration/security issue
From: <john65 () pobox com>
Date: Fri, 3 Jan 2003 13:03:07 -0500 (EST)
On Fri, 3 Jan 2003 oobs3c02 () attbi com wrote:
I'm running sendmail 8.11 on a Solaris server. The server has a single interface and sits in my DMZ. I'm trying to find a way to block inbound mail with my domain spoofed as the sender.
I'm not sure what you accomplish by doing this. see: http://groups.google.com/groups?selm=8nl0kt%24mna%241%40zardoc.endmail.org&output=gplain
The scenario turned up when a person I know received spam with the sender being spoofed showing amber () mydomain com and recipient being myfriend () mydomain com. After inspecting the mail headers, we discovered that the source IP was definitely external. We've scoured sendmail.org, arachnoid.com, cauce.org and all the books we have and could not find this scenario speifically mentioned. Problems/Questions 1. If we block spammers by domain as recommended at http://www.arachnoid.com/lutusp/antispam.html#filter_forwarding, how do we get around our internal users being blocked from sending mail out?
This isn't going to help you. Are you talking about open relays now? If you're running a recent sendmail, open relaying is off by default. Read the documentation in the sendmail source distribution first. See cf/README. I think you're making this too hard on yourself. The link you mention has bad (direct editing of the sendmail.cf should never be done) and outdated advice.
2. Does anyone know of a way to check the network that a specific domain is sending from? This way we could look at mydomain.com and compare it to a specific subnet that we allow.
See cf/README.
Current thread:
- Sendmail 8.11 configuration/security issue oobs3c02 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue simsjs (Jan 03)
- Re: Sendmail 8.11 configuration/security issue john65 (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Don Voss (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Timothy M. Lyons (Jan 06)
- <Possible follow-ups>
- RE: Sendmail 8.11 configuration/security issue Keith T. Morgan (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)
- Re: Sendmail 8.11 configuration/security issue Wahyu Kelik (Jan 05)
- RE: Sendmail 8.11 configuration/security issue john65 (Jan 05)
- Re: Sendmail 8.11 configuration/security issue Ned Fleming (Jan 03)