Well, if you leave the SMTP proxy allowed netowrks to only "the mailserver" or internal network, then people couldnt relay off it at all, so you'd never have this problem.
Or am i missing what you meant here? A properly configured asl (not to mention mailserver) will avoid relaying all together from where it's not wanted.
I think he wants to be notified when a relay attempt is made. That quickly gets old and if you get swamped you'll not want to even know about it anymore. It happens every day and for me not too many times each day. They just go away and kicked out just like the MS viruses/worms.
But do check the logs and make sure nobody finds a hole to exploit. So far so good for me.
I think he wants to be notified when a relay attempt is made. That quickly gets old and if you get swamped you'll not want to even know about it anymore. It happens every day and for me not too many times each day. They just go away and kicked out just like the MS viruses/worms.
But do check the logs and make sure nobody finds a hole to exploit. So far so good for me.
In my case it's not possible to do an unallowed mail-relay, but I would be great if there is a try to relay that there will be an e-mail notification! That's all. [:)]
Well, if you insist on leaving your relay open, you will quickly find yourself on lots of blacklists and exploited by spammers to the point where your asl will barely function as it sends thousands of messages. I would highly suggest you either enable SMTP auth. or limit allowed networks to definitions for the ips on the outside that require relaying priv's.
