On Mon, 5 Feb 2007, Seth Goodman wrote:
In pymilter, internal PCs attempting to send with foreign domains
are labeled "zombies". Too many such forgeries, and that PC (IP) is
cut off from sending email. User has to run malware cleaning software
and write "I will not download free screensavers" on the blackboard
100 times before I reenable their email.
This is very good for small numbers of users. If you had sufficient
users, the folks who control the botnets could accomplish what they need
by forging other users' identities, or even by publishing legitimate SPF
records that designate your outbound hosts. This will affect the
reputation of your IP's, even though you never gave the domain owners
permission to use them. I know, that's no longer domain forgery and we
The "internal_domains" config option lists which domains internal users
are allowed to use. But you are right, the setup doesn't scale. It
needs a database mapping users to allowed domains. Easy enough to add
if I ever am asked to handle such a setup. Users can be identified by
IP or SMTP AUTH.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735