Somebody somewhere has set up a mail server with the same host name as our mail server. He is sending spam messages from his server, through our server to his list of final addresses. This means the spam is coming from us.
I think this has nothing to do with client smtp authentication (which r7 doesn’t seem to do easily anyway), and is more to do with relaying. I’ve forced all users to change their internet passwords anyway.
We have a configuration document set up such that
router/smtp - restrictions and controls - smtp inbound controls - inbound relay controls:
Deny messages to be sent to the following external internet domains = *
Deny messages from the following internet hosts to be sent to external internet domains = *
- inbound relay enforcement:
perform anti-relay enforcement for these connecting hosts = external hosts
exceptions for authenticated users = allow authenticated users to relay
- inbound connection controls:
verify connecting hostname in DNS = enabled
- inbound sender controls:
verify sender’s domain in DNS = enabled
Please, is there anything else I can do to stop these sons of bachelors?
Is there a setting somewhere that tells my server to not accept incoming mail from anywhere if it is going to then go out again?