<P>First, sorry the thread got away, I was thinking that the issue was related
not trying to steal it...</P>
<P>I read my maillogs and see that relaying is denied when I see the attempts.
However sometimes I get mail delivery errors for emails I haven't sent? What I
was thinking is that someone could do a telnet in to my port 25 and use my
domain to send from... (as if the user where from my domain...)</P>
<P>Thanks,</P>
<P>James</P>
<P>For users of Fedora Core releases <fedora-list@redhat.com> wrote:
<BR>> On Fri, 2004-07-23 at 12:23, James Marcinek wrote:<BR>> > I'm no
expert at this but I did some reading and was under the<BR>> > impression
that people will use your mail server to send emails and<BR>> > that
there's not a lot that can be done about it. I would definitely<BR>> >
like to be proven wrong with this. The simply script something to<BR>> >
telnet into your mail port and send emails... These emails are<BR>> >
generated from your server so even setting your email to send only<BR>> >
from your domain does not protect you. Is anyone listening that could<BR>>
> shed some more light on this?<BR>> > <BR>> > Thanks,<BR>>
> <BR>> > James<BR>> <BR>> What you are describing is an email
relay. Most systems today ship with<BR>> relaying disabled (including all
linux distros that I know of). If you<BR>> have an open relay it will be
found by the spammers and used. This is<BR>> one reason to be very careful
and sure of what you are doing when<BR>> modifying sendmail or one of the
other MTAs available for linux.<BR>> <BR>> If you have not modified your
systems MTA configuration you should be<BR>> fine.<BR>> <BR>> At work I
see literally hundreds of attempts per day to relay email<BR>> through our
mail server. Each one of them is denied.<BR>> <BR>> If you have any doubts
about your servers setup do some reading on your<BR>> particular MTA. You can
also test this by simply telneting to port 25<BR>> of your server and issuing
the following commands when you get a<BR>> connection:<BR>> <BR>> helo
testdomain.com<BR>> mail from: badspammer@spamu.net<BR>> rcpt to:
hapless@victim.com<BR>> data<BR>> this is test data<BR></P>