This forum is closed to new posts and
responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:
~Yentl Cishipigenoni 11.Jan.04 04:45 AM a Web browser Domino Server All Releases All Platforms
I work in a multi server domain where an SMTP server resides in the DMZ and a server on the internal network routes using smtp to the external server.
If I open a mail client such as Outlook and set the outgoing smtp server to be the IP address address of the internal smtp server then the server can be used to relays emails without any auithentication.
So currently I can send a mail to anyone externally and internally from an email address of say email@example.com etc etc. To stop this I simply make minor changes to the configuration of the server document that restricts outgoing mail from only addresses with the internal domain name.
However what can I implement to stop a user on the internal network pretending to be someone else and then sending mail either internally or externally. ie if there is a user in the name & address book say Fred Bloggs using fbloggs@acme what stops me from sending an email to someone using his account as the sender using outlook
I was under the impression that I could implement SMTP authentication but this only applies to SMTP inbound - the SMTP outbound doesnt allow me to set authentication ANONYMOUS to NO
Any ideas anyone and before anyone suggest to read the manual I have - all previous entries covers spam from external sources not from a user on the internal network - the issue is Non Authentication - if a user authenticates and then sends an email using dodgy account details such as Fred Bloggs (who has an entry in the NAB but is not the actual person sending the email) then we can track it - the problem is simply someone internally pretending to be someone else.