Subject: Re: what's wrong with my sendmail?
From: David J. Weller-Fahy (dave-lists-aklug@weller-fahy.com)
Date: Thu Nov 13 2003 - 21:42:19 AKST
* Justin Dieters <enderak@gci.net> [2003-11-13 17:20 -0900]:
> Hmm, just to clear this up, are you saying someone on the outside
> might be spoofing(?) their IP to be 192.168.0.2 and sending SMTP
> traffic to my site? So my server then sends it out because it's
> thinking it originated from my server?
Just some thoughts:
Do you have a rule within sendmail that allows any 192.168.0.* machine
to relay? If so, try adding all the individual IP addresses of all the
machines on your network EXCEPT the smoothwall box, and remove that
rule. Or let only localhost relay, and see if that helps.
Another thing, if they're just sending mail they know will bounce, and
including a forged envelope sender, then you'll have lots of 'bounces'
being sent from your server.
Just throwing thoughts out as they happen.
Oh, another thing: What smoothwall version are you running? Don't know
if that'll matter, just curious. ;]
Regards,
-- dave [ please don't CC me ] --------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Thu Nov 13 2003 - 21:42:13 AKST