OT: third party relay attack
Matthew Dillon
dillon at backplane.com
Fri Jan 10 12:22:37 PST 2020
I last looked at it a few years ago but there were numerous DNS based
services that you could use to test IP addresses and domains. But they
never worked well... they tended to block a lot of legitimate mail along
with the spam, and tended to always be out of date.
You can also turn on SPF validation, which actually helps protect against
third-party relays (at least for well known domains). There might be some
setup required though, it depends on the mail server. You can google up
instructions for e.g. turning SPF on with postfix (I think it requires a
few perl modules). Instructions won't be accurate for DFly but they will
give you a good template for what needs to be done.
But if you do that, be sure to test that the mail server is still accepting
mail from important domains that you communicate with. It's really easy to
misconfigure.
-Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20200110/b799a772/attachment.htm>
More information about the Users
mailing list