abhishek singh schrieb:
i have never opened telnet ok , my xinetd service is
off so there is no telnet service , i m doing telnet
to outside to 25 port on my mail server and there is
proper smtp authentication enabled on server , the
problem is anyuser (non-existing) with my domain can
send mail to my real domain users.
I answered you regarding this question. Didn't you understand it?
below is example........
##EXAMPLE 1>
telnet 192.168.1.4 25
220 UNAUTHORIZED ESMTP ACCESS IS PROHIBITED
Hell, why do you violate the RFCs? Please do not change things like this
if you don't know what harmful things you do. Please read RFC821
<http://www.DNSstuff.com/pages/rfc821.htm> 4.3 (and RFC2821
<http://www.dnsreport.com/tools/rfc.ch?detail=2821> 4.3.1).
In above example u can see in the 1st example the
sender(xyz) is not real user of my domain , still he
is able to sendmail to my real users (abhi).
http://www.sendmail.org/~ca/email/fake.html
In second scenario sender is able to send mail by
forging domain name by any domain to my domain users.
Faking sender information is as easy as that 4 year old kids can do so.
Why do you wonder about that? This is how (E)SMTP works. You can dislike
it, but that's the technical state.
To reject true fantasie sender domains just comment in sendmail.mc the line
FEATURE(`accept_unresolvable_domains')dnl
Abhishek Kr. Singh
Alexander
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
