Pesky virus

Pedro Fernandes Macedo webmaster at margo.bijoux.nom.br
Sat Jul 24 03:32:10 UTC 2004


James Marcinek wrote:

> I'm no expert at this but I did some reading and was under the 
> impression that people will use your mail server to send emails and 
> that there's not a lot that can be done about it. I would definitely 
> like to be proven wrong with this. They simply script something to 
> telnet into your mail port and send emails... These emails are 
> generated from your server so even setting your email to send only 
> from your domain does not protect you. Is anyone listening that could 
> shed some more light on this?

To shed more light on this: you can configure a server that can be used 
remotely and safely, without having it being used by spammers. To do 
this, you have some work to do, because you need to add authentication 
(it is a bit trivial on Postfix. Never tried on Sendmail or qmail). Also 
it's suggested to use cryptography to protect the passwords during 
authentication (also known as Transport Layer Security, or TLS).
So, a properly configured server will accept incoming connections (even 
bad ones), but will reject the bad ones during authentication. Here's 
an example of a properly configured server in action:

220 mailhost. ESMTP
ehlo mailhost
250-mailhost
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250 8BITMIME
mail from:<someuser at somedomain>
250 Ok
rcpt to:<anotheruser at anotherdomain>
554 <anotheruser at anotherdomain>: Relay access denied

From this point on, the spammer can keep trying to send his spam, but 
probably the server will reject all his attempts, because he didn't use 
authentication. This example server didn't show anything about 
authentication, because I've configured it to only show authentication 
information if the channel is secure. If the software connects to port 
25, then uses the STARTTLS command, then it'll have the option to 
authenticate and send a message (if it's a valid user).

--
Pedro Macedo
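
Added example, not part of the original message: a small offline checker that parses a captured SMTP session such as the one quoted above and reports whether STARTTLS was offered, whether AUTH was advertised before encryption, and whether a non-local recipient was accepted without authentication. The names audit, exchanges and local are hypothetical, and BAD is a constructed counter-example.

```python
import re

# The session quoted in the post; lines without a 3-digit code are the client's.
GOOD = """220 mailhost. ESMTP
ehlo mailhost
250-mailhost
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250 8BITMIME
mail from:<someuser at somedomain>
250 Ok
rcpt to:<anotheruser at anotherdomain>
554 <anotheruser at anotherdomain>: Relay access denied"""

# Constructed counter-example: AUTH offered in cleartext, foreign RCPT accepted.
BAD = GOOD.replace("250-ETRN", "250-AUTH PLAIN LOGIN").replace(
    "554 <anotheruser at anotherdomain>: Relay access denied", "250 Ok")

REPLY = re.compile(r"^(\d{3})([ -])(.*)$")
RCPT = re.compile(r"^rcpt to:<.*?(?:@| at )([^>\s]+)>", re.I)

def exchanges(text):
    """Yield (client_command, reply_code, reply_lines); greeting has command ''."""
    command, lines = "", []
    for raw in filter(None, map(str.strip, text.splitlines())):
        m = REPLY.match(raw)
        if not m:
            command, lines = raw, []
        else:
            lines.append(m.group(3))
            if m.group(2) == " ":      # "250 " (not "250-") ends a reply
                yield command, int(m.group(1)), lines
                command, lines = "", []

def audit(text, local=frozenset()):
    """Audit an unauthenticated session; `local` = domains this host delivers for."""
    out = {"starttls_offered": False, "auth_in_clear": False, "relayed": []}
    encrypted = False
    for command, code, lines in exchanges(text):
        if command.upper().startswith(("EHLO", "HELO")):
            keywords = {l.split()[0].upper() for l in lines[1:] if l.split()}
            out["starttls_offered"] = "STARTTLS" in keywords
            out["auth_in_clear"] |= "AUTH" in keywords and not encrypted
        elif command.upper() == "STARTTLS" and code == 220:
            encrypted = True
        elif (m := RCPT.match(command)) and 200 <= code < 300 and m.group(1).lower() not in local:
            out["relayed"].append(m.group(1))
    return out
```

For the quoted session, audit(GOOD) reports STARTTLS offered, no AUTH in cleartext and nothing relayed; audit(BAD) flags both problems.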




