On Sun, Feb 14, 2010 at 1:50 PM, Alex <mysqlstudent@xxxxxxxxx> wrote: > Hi, > > I have a situation where a user has a predictable user/pass > combination, and a spammer has found it. It appears they have scripted > a way to login as that user, then send mail unrestricted, with a From > address outside of our domain, and to any external recipient. > > It seems that once they are authenticated through the typical login, > they have the ability to access sendmail unrestricted. This means that > because they are sending the from the local system, sendmail (postfix, > really), believes they are part of the local network, and it bypasses > the normal sender restrictions I have in place. Check out the Restrict Senders plugin > I've added additional header and client restrictions to postfix that > take place prior to the local network authentication portion, and it > helps a bit, but what is the proper way of doing this? > > How is it that they are scripting this in the first place? > > Is it possible to instead configure squirrelmail/sendmail to go > through the standard authentication process, instead of calling > sendmail directly? Yes -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
