[NTLUG:Discuss] Any experts on preventing Sendmail from being used for Phishing?
Jack Snodgrass
mylinuxguy at gmail.com
Sun Mar 27 17:45:49 CST 2005
phishing is where a site 'pretends' to be some other site or has frames that
show you SiteA, but any actions you do go to SiteB.... right?
When you say 'prevent sendmail from being used for Phising'...
1) do you mean from non-trusted users to other remote users?
or
2) do you mean from 'trusted'' users to other remote users...
or
3) do you mean from non-trusted users to your local users?
#1 - turn off relaying by everyone other than trusted users. trusted
users can be SMTP Auth users or possibly users from specific
ip addresses. This should be done for all mail servers in general.
#2 - will take a bit of thought. Do you really want to filter an email
that your 'trusted' user says that happens to have a fake
ebay link it it.... maybe it's a valid email that the users wants
to send.... maybe...
#3 - you want to 'protect' your users from doing something
stupid ( education - Don't click on any finance related web site
links you get in an email.... manually, enter the address on your
browser's address bar )
Just want to make sure that your asking the right question.
jack
i.e. non-trusted users should not be able to send ANY email through
your sendmail server.
On Sun, 27 Mar 2005 16:10:53 -0600, Jerry Brillowski - LNX
Technologies <jbdallas_x1 at billingsystems.biz> wrote:
>
> If anyone has an easy answer, I would love to know it.
>
> If anyone has a difficult answer and would like to fix it for me, I will
> be glad to pay them!
>
> Thanks in advance to anyone that can help out.
>
> Sincerely,
>
> Jerry Brillowski
> JerryB at LNX-Technologies.com
> (214) 651-8882 (office)
> (214) 418-0897 (mobile)
>
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list