[Prev][Next][Index][Thread]
Re: preventing relaying from outside?
-
To: djb-qmail@xxxxxxxxxxxxxxxxxxxx (Qmail List)
-
Subject: Re: preventing relaying from outside?
-
From: Greg Andrews <gerg@xxxxxxx>
-
Date: Thu, 02 Oct 1997 09:48:29 -0700 (PDT)
-
Delivered-to: mailing list djb-qmail@xxxxxxxxxxxxxxxxxxxx
-
Delivered-to: djb-qmail@xxxxxxxxxxxxxxxxxxxx
-
Mailing-List: contact djb-qmail-help@xxxxxxxxxxxxxxxxxxxx; run by ezmlm
torben fjerdingstad <unitfj@xxxxxxxxxxxx> writes:
>
>Lan-lan customers always have their own domain names. Often several.
>We, ourselves have several.
>It would be hard to make a list of them all.
>
That's a meaningless statement. You'll have to make that list
no matter what mail system you use (qmail, Sendmail, Smail, etc.).
As soon as you decide you must block unauthorized relaying, you
need to make a list of customer's domains. Otherwise, you'll
wrongly block mail from an outside site to a customer's domain.
I suggest that you make a policy of relaying mail for only the
domains where your DNS servers are the primary or secondary (or
both). Such domains require you to configure your DNS servers
anyway, so you will be notified when to add domains to your mail
servers, and when to delete it. If your lan-lan customers want
to register domain names that don't use your DNS servers, they
must also be prepared to accept the mail on their own servers.
You can make exceptions, of course, but the policy makes sure you
are notified when a customer adds a new domain, so your mail servers
will relay for it. If the customer fails to notify you of a new
domain, it's not your fault the mail is refused.
-Greg
--
Greg Andrews West Coast Online
Unix System Administrator 5800 Redwood Drive
gerg@xxxxxxx Rohnert Park CA 94928
(yes, 'greg' backwards) 1-800-WCO-INTERNET
Follow-Ups: