Prevent spaming from a server with Exim-SpamBlocker

[zEitEr]

Hello,

I'm not sure if this has ever been discussed. Anyway, I'd like to get some ideas, about whether Exim powered by SpamBlocker should prevent sending a certain kind of spam from the server?

Perhaps, we've got a situation: an user is using hosting provider's SMTP server to send emails. Everything is ok, if outcoming emails have local domain in its "FROM"-header. But what if in the header "FROM" there's a foreign email address(with domain not hosted by the current provider) , that can be even fake?

Should we deny sending emails for authorized users if a domain in the "FROM"-header is not hosted on hosting provider's servers? Is it a good practice to drop/bounce such messages? But we still resend emails by forwarders.

In other words, should we match domain part of a FROM-address with hosted domains for outcoming emails?

 

[nobaloney]

ISPs shouldn't do it. You shouldn't do it. It's against RFCs.

It's also limiting. I may have a dozen different return addresses at a dozen different domains; should I really need to connect through a different upstream MTAs?

Limiting injection of email to plain-text authentication on Port 587 should give you the protection you need, and the logging to find violators using your server.

Jeff

 

[zEitEr]

Ok, let me add some more details.

There's a customer, I've found out, that he's using our SMTP server to forward all his incoming emails from his server to a remote email box (he uses our SMTP as a smarthost). And I believe he does not use any antispam software and any filters and all spam messages are accepted by our SMTP for further delivering. And of course some public MAIL servers, think that is we, who sends spam.

And what is a way to lower risks of getting our IP banned?

 

[nobaloney]

Don't allow him to use your SMTP server as his smarthost unless he follows your rules.

Jeff

 

[zEitEr]

He was warned as soon as we've found out the issue.

Thanks, Jeff.