|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] CVP and relaying
Hi John,
To stop mail relay, you can specify in the SMTP resource object that you
will receive mail only for *@*.yourdomain.com and that should do it. True
Received from info could be very useful to stop spam but most spam will not
have a successful reverse DNS lookup. I think SMTP security server should be
doing reverse lookups on Mail From: headers. Please someone let me know of
it is not true. If reverse lookup is successful then spam can be stopped
anyways by having a rule to block mail from that domain.
HTH
Naresh
From: John Hardly <[email protected]>
Reply-To: [email protected]
To: Naresh Narang <[email protected]>
CC: [email protected]
Subject: Re: [FW1] CVP and relaying
Date: Thu, 03 May 2001 22:48:12 +0000
Hi Naresh,
The problem is that the "Received From" information in the mail header
changes from the "true" sender's information to the IP address of the
interface on
the firewall on which the SMTP server resides. I am interested in
keeping the original mail header information in tact to avoid mail relay
concerns and gather all the headers in the sendmail syslog file.
I have Trend VirusWall running in CVP mode.
Naresh Narang wrote:
>
> I don't think firewall should be responsible for telling which IP
address
> the mail is coming from. Your SMTP server should accept mail for your
domain
> only not for other domains.
>
> Naresh
>
> >From: John Hardly <[email protected]>
> >Reply-To: [email protected]
> >To: fw checkpoint list <[email protected]>
> >Subject: [FW1] CVP and relaying
> >Date: Wed, 02 May 2001 13:33:02 +0000
> >
> >
> >Hi everybody,
> >I discovered that my mail server (212.x.x.18 on my DMZ) became an Open
Mail
> >Relay
> >when I installed a CVP with FW-1 4.1.
> >Every smtp connection from the FW-1 to the mail server appears to come
from
> >212.x.x.17 (my localnet is nated behind 212.x.x.17 wich is the IP
address
> >of
> >DMZ interface on my Firewall).
> > Even if the SMTP connection come from outside my company, the mail
server
> >sees only
> >that it comes from 212.x.x.17.
> >****************
> >May 2 13:31:15 My_mail_server sendmail[9388]: NAA09388:
> >from=<[email protected]>, size=2475,
> >class=-60, pri=140475, nrcpts=1,
> >msgid=<[email protected]>,
> >proto=SMTP, relay=IDENT:[email protected] [212.x.x.17]
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^
> >
> >******************
> >
> > I'd like to know how to set up the firewall (with CVP) in order that
> >the firewall let the mail server know the IP address of the SMTP
connection
> >instead of the IP of the Fw interface (212.x.x.17).
> > The CVP server (VirusWall ) is installed on another machine
(212.x.x.19)
> >--
> >John Hardly
> >E-mail : john (at) iav (dot) ac (dot) ma
> >
> >
>
>================================================================================
> > To unsubscribe from this mailing list, please see the
instructions at
> > http://www.checkpoint.com/services/mailing.html
>
>================================================================================
> >
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
================================================================================
> To unsubscribe from this mailing list, please see the instructions
at
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
--
John Hardly
E-mail : john (at) iav (dot) ac (dot) ma
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|