On Sun, 31 Oct 2004 21:09:53 +0530, mitul@mitul.com mitul@mitul.com wrote:
Hey Biju,
I dont see any problem with the SMTP session.
I do
Try this [user@somehost] # telnet <server ip>:25 mail from : x@copstop.com rcpt to: y@copstop.com Data From: "X" spammer@domain.com To: "Some User" y@copstop.com Subject : some UCE .
Will the spammer not succeed in getting his message across?
Primarily because you are connecting to the AUTHORITATIVE MX server for CopStop.com and no matter who sends the mail, till the time the RCPT is for a user inside your domain i.e. CopStop.com, it seems to be ok. If the server would have accepted RCPT to: xyz@someotherdomain.com then it surely would be alarming issue.
Agreed It is not that much a problem but why not add another simple check that prevents spoofing in this manner and hence a little bit less spam .