Security Basics mailing list archives

Re: Sendmail 8.11 configuration/security issue - some clarification


From: GB Clark <gclarkii () vsservices com>
Date: Tue, 7 Jan 2003 14:40:40 -0600

On Tue, 07 Jan 2003 09:53:23 -0600
Ned Fleming <ned () kaw us> wrote:

On Mon, 06 Jan 2003 22:11:49 +0000, oobs3c02 () attbi com wrote:

Thanks for the input on this so far.  To clarify, John65 () pobox com is exactly 
right in stating that I'm trying to stop the spoofing of my domain as the 
sender to my own domain (e.g. helpdesk@xyz to johnSmith@xyz where helpdesk is 
the spoofed sender).  This is not an open relay server and the spam is not (as 
far as I can tell) as a result of any viruses guessing at accounts.

[snip]

I'm not sure that this problem can be resolved within sendmail config files but 
if anyone knows differently, please let me know.

Yes, you can do this in Sendmail. You can do just about anything in
Sendmail, provided you're willing to read and write hieroglyphics, uh,
I mean the config files. The fellows who recommended SMTP AUTH or
pop-before-smtp were correct.

Neither simple pop-before-smtp nor SMTP AUTH will do it.  It will take authentication 
(either AUTH or IP) plus a filter to stop what he wants.  It won't be pretty whichever 
way.  Now a semi-simple milter can modify the subject line to warn the receiver that 
it might be forged. That would be easy; for a sendmail hacker, that is.

GB

-- 
GB Clark II             | Roaming FreeBSD Admin
gclarkii () VSServices COM | General Geek 
           CTHULU for President - Why choose the lesser of two evils?
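
The "authentication (either AUTH or IP) plus a filter" idea from the message above, as an added example that is not part of the original post and not sendmail or milter code. It shows only the decision and the subject rewrite a milter would perform; the domain `xyz.example`, the trusted range, the tag text, and all function names are assumptions made for illustration.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

LOCAL_DOMAIN = "xyz.example"  # assumption: stands in for the poster's "xyz"
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumption: internal hosts
TAG = "[POSSIBLY FORGED] "  # assumption: warning text added to the subject

# Constructed sample message: local-domain sender writing to a local recipient.
SAMPLE = (
    "From: helpdesk@xyz.example\n"
    "To: johnSmith@xyz.example\n"
    "Subject: Password reset\n"
    "\n"
    "Constructed sample body.\n"
)

def domain_of(addr):
    """Return the lower-cased domain of an address such as <user@host>."""
    return addr.strip().strip("<>").rpartition("@")[2].lower()

def is_suspect(sender_addrs, client_ip, authenticated):
    """True when a local-domain sender arrives with no AUTH from an untrusted IP."""
    if authenticated:
        return False
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return False
    return any(domain_of(a) == LOCAL_DOMAIN for a in sender_addrs)

def tag_subject(raw_message, mail_from, client_ip, authenticated):
    """Return the message, with the Subject prefixed if the sender may be forged."""
    msg = message_from_string(raw_message)
    header_from = parseaddr(msg.get("From", ""))[1]
    # Check both the envelope sender and the From: header the recipient sees.
    if not is_suspect([mail_from, header_from], client_ip, authenticated):
        return raw_message
    subject = msg.get("Subject", "")
    if not subject.startswith(TAG):
        del msg["Subject"]  # no-op if the header is absent
        msg["Subject"] = TAG + subject
    return msg.as_string()
```
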

