Re: Sendmail 8.11 configuration/security issue

["Timothy M. Lyons" <lyons () digitalvoodoo org>]

Jim,

I used to run a similar configuration but moved to pop-before-smtp 
(actually IMAPS in my case).

You might want to take a look at http://popbsmtp.sourceforge.net/

--Tim



oobs3c02 () attbi com wrote:
> I'm running sendmail 8.11 on a Solaris server.  The server has a single 
> interface and sits in my DMZ. I'm trying to find a way to block inbound mail 
> with my domain spoofed as the sender.  The scenario turned up when a person I 
> know received spam with the sender being spoofed showing amber () mydomain com and 
> recipient being myfriend () mydomain com.  After inspecting the mail headers, we 
> discovered that the source IP was definitely external.  We've scoured 
> sendmail.org, arachnoid.com, cauce.org and all the books we have and could not 
> find this scenario speifically mentioned.  
>
> Problems/Questions
> 1. If we block spammers by domain as recommended at 
> http://www.arachnoid.com/lutusp/antispam.html#filter_forwarding, how do we get 
> around our internal users being blocked from sending mail out?  
> 2. Does anyone know of a way to check the network that a specific domain is 
> sending from?  This way we could look at mydomain.com and compare it to a 
> specific subnet that we allow. 
>
> Thanks in advance for your help.
>
> Jim