[NTLUG:Discuss] Any experts on preventing Sendmail from being used for Phishing?

Jack Snodgrass mylinuxguy at gmail.com
Sun Mar 27 17:45:49 CST 2005


phishing is where a site 'pretends' to be some other site or has frames that
show you SiteA, but any actions you do go to SiteB.... right? 

When you say 'prevent sendmail from being used for Phising'... 

1) do you mean from non-trusted users to other remote users? 
or 
2) do you mean from 'trusted'' users to other remote users... 
or 
3) do you mean from non-trusted users to your local users? 

#1 - turn off relaying by everyone other than trusted users. trusted
users can be SMTP Auth users or possibly users from specific 
ip addresses. This should be done for all mail servers in general. 

#2 - will take a bit of thought. Do you really want to filter an email 
that your 'trusted' user says that happens to have a fake 
ebay link it it.... maybe it's a valid email that the users wants
to send.... maybe... 

#3  - you want to 'protect' your users from doing something 
stupid ( education - Don't click on any finance  related web site 
links you get in an email.... manually, enter the address on your 
browser's address bar ) 

Just want to make sure that your asking the right question. 

jack 






i.e. non-trusted users should not be able to send ANY email through
your sendmail server.

On Sun, 27 Mar 2005 16:10:53 -0600, Jerry Brillowski - LNX
Technologies <jbdallas_x1 at billingsystems.biz> wrote:
> 
> If anyone has an easy answer, I would love to know it.
> 
> If anyone has a difficult answer and would like to fix it for me, I will
> be glad to pay them!
> 
> Thanks in advance to anyone that can help out.
> 
> Sincerely,
> 
> Jerry Brillowski
> JerryB at LNX-Technologies.com
> (214) 651-8882 (office)
> (214) 418-0897 (mobile)
> 
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>




More information about the Discuss mailing list