Hi, I have a situation where a user has a predictable user/pass combination, and a spammer has found it. It appears they have scripted a way to login as that user, then send mail unrestricted, with a From address outside of our domain, and to any external recipient. It seems that once they are authenticated through the typical login, they have the ability to access sendmail unrestricted. This means that because they are sending the from the local system, sendmail (postfix, really), believes they are part of the local network, and it bypasses the normal sender restrictions I have in place. I've added additional header and client restrictions to postfix that take place prior to the local network authentication portion, and it helps a bit, but what is the proper way of doing this? How is it that they are scripting this in the first place? Is it possible to instead configure squirrelmail/sendmail to go through the standard authentication process, instead of calling sendmail directly? Thanks, Alex ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
