upgrade office server

Ralph Siemsen ralphs at netwinder.org
Fri Aug 3 17:44:38 EDT 2007


On Fri, Aug 03, 2007 at 10:54:12PM +0200, Jan Rinze wrote:
> 
> If you have Sendmail or another mail server setup your server might be doing
> email-relay.
> Disable relaying in sendmail (or your other mail-server) should stop
> spammers from using your mail server for sending spam.
> 
> I have seen this before on a Netwinder.. pretty ugly if you get a reprimand
> of your ISP..

Unless you are hand-editing your sendmail config file (this rules out
pretty much anyone with OfficeServer) then relaying will be disbled.
It was designed to be pretty "safe" right out-of-the-box.

I could possibly see it getting messed up if you setup your netwinder
initially for one domain and then later move it to another domain.
Again, I can't see this occurring for most OfficeServer users.

> Indeed.. apparently the mail-servers of many ISPs are not setup cleverly
> enough. It has always surprised me that any email address coming from forged
> "From" address do not get checked for being genuine..

This is a common misconception.  There are two sets of addresses involed,
those in the "body" of the email, and those in the "envelope".  The servers
only look at the envelope and are ignorant of the body.  This is quite
intentional as it allows such things as forwarding and mailing lists to work,
which would not be possible if one forced the envelope and body to match.

Most servers combat spam by doing a combination of checks including:
- callout verification
- realtime blockhole lists
- SRS http://www.openspf.org/SRS
- Message filtering (eg. SpamAssassin)

Not that this only allows you to filter what _you_ receive.  There is no
way to stop others from receiving forged mails that claim to be from you.
It is up to them to setup their mail servers to reject those messages,
based on using SRS or similar mechanism.

R.



More information about the Netwinder mailing list