Allowing email to local recipients only from certain IP Blocks or authenticated users

20/10/2006, 16h25

I'm trying to figure out how to make Sendmail 8.9.12 (I can upgrade if
it makes it easier) block emails to my local users if they don't come
from either specified IP blocks or from a user who has already
authenticated via POP3. I've looked around and haven't found anything
that seems to match my situation, but I know I'm not the only one
having this problem.

Like a lot of sites, I'm using an outsourced SPAM filtering service
that works very well. I'm already blocking relaying through the mail
server and all the MX records point to the filtering service's servers
and not to my mail servers. But there is nothing to keep spammers from
sending directly to my mail server, either by IP address or by looking
up the A record for the domain or common mailserver names
(mail.[domainname], smtp.[domainname], etc).

Blocking port 25 at my router for all IPs except the filtering service
isn't acceptable because users come from anywhere and need to be able
to send email through the server (once they have successfully checked
their email, I'm using poprelayd).

I would like to keep using mail.[domainname] for all my domains because
it's very easy for users to remember and makes troubleshooting a lot
easier. Also, I'd like to keep using poprelayd for authenticating the
valid users who should be allowed to relay through my server.

So, to recap:

Sendmail upon connection should check that the sender's IP address is
either:
a) Listed in poprelayd's table
or
b) Listed in access database (filtering service IPs)

If neither condition is true, then assume it's a spammer sending email
directly to the mail server and disallow all mail (local recipients and
relayed mail).

If any more specific information is needed, let me know. Thanks.

20/10/2006, 16h48

findasolution@gmail.com wrote:
> I'm trying to figure out how to make Sendmail 8.9.12 (I can upgrade if
> it makes it easier) block emails to my local users if they don't come
> from either specified IP blocks or from a user who has already
> authenticated via POP3. I've looked around and haven't found anything
> that seems to match my situation, but I know I'm not the only one
> having this problem.

drac (qpopper has native support) fits your problem. The solution you
are looking for is POP3b4SMTP which is a legacy style support scheme
for cases where you cant do SMTP-AUTH following or cant flag-day switch
your client base.

Upgrading sendmail will allow you to use STARTTLS/SMTPAUTH/MSP/465
which is the proper way to go about this in this day and age.

Unless I miss my guess, odds are you are vulnerable with that version,
so the upgrade is strongly recommended.

Then you just need accessdb entries to deny the rest of the world.

See this thread

http://groups.google.com/group/comp....605a81a1199bc2

20/10/2006, 16h25	#1
findasolution@gmail.com Messages: n/a Hébergeur:	Allowing email to local recipients only from certain IP Blocks or authenticated users I'm trying to figure out how to make Sendmail 8.9.12 (I can upgrade if it makes it easier) block emails to my local users if they don't come from either specified IP blocks or from a user who has already authenticated via POP3. I've looked around and haven't found anything that seems to match my situation, but I know I'm not the only one having this problem. Like a lot of sites, I'm using an outsourced SPAM filtering service that works very well. I'm already blocking relaying through the mail server and all the MX records point to the filtering service's servers and not to my mail servers. But there is nothing to keep spammers from sending directly to my mail server, either by IP address or by looking up the A record for the domain or common mailserver names (mail.[domainname], smtp.[domainname], etc). Blocking port 25 at my router for all IPs except the filtering service isn't acceptable because users come from anywhere and need to be able to send email through the server (once they have successfully checked their email, I'm using poprelayd). I would like to keep using mail.[domainname] for all my domains because it's very easy for users to remember and makes troubleshooting a lot easier. Also, I'd like to keep using poprelayd for authenticating the valid users who should be allowed to relay through my server. So, to recap: Sendmail upon connection should check that the sender's IP address is either: a) Listed in poprelayd's table or b) Listed in access database (filtering service IPs) If neither condition is true, then assume it's a spammer sending email directly to the mail server and disallow all mail (local recipients and relayed mail). If any more specific information is needed, let me know. Thanks.

20/10/2006, 16h48	#2
jmaimon@ttec.com Messages: n/a Hébergeur:	Re: Allowing email to local recipients only from certain IP Blocks or authenticated users findasolution@gmail.com wrote: > I'm trying to figure out how to make Sendmail 8.9.12 (I can upgrade if > it makes it easier) block emails to my local users if they don't come > from either specified IP blocks or from a user who has already > authenticated via POP3. I've looked around and haven't found anything > that seems to match my situation, but I know I'm not the only one > having this problem. drac (qpopper has native support) fits your problem. The solution you are looking for is POP3b4SMTP which is a legacy style support scheme for cases where you cant do SMTP-AUTH following or cant flag-day switch your client base. Upgrading sendmail will allow you to use STARTTLS/SMTPAUTH/MSP/465 which is the proper way to go about this in this day and age. Unless I miss my guess, odds are you are vulnerable with that version, so the upgrade is strongly recommended. Then you just need accessdb entries to deny the rest of the world. See this thread http://groups.google.com/group/comp....605a81a1199bc2

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email