Demon Email - A firewall is NOT the answer

["Mark Harrison" <Mark.Harrison@xxxxxxx>]

Rob,

A firewall won't help, unless it also does mail relaying for you.

Port 25 needs to be open to receive email full stop. The relaying issue is
that port 25 should only accept email either TO or FROM one of your
domains. (ie - should only accept email to one of your users or from one of
your users - the thing that Demon's trying to block is your email server
accepting email from one third-party, and passing it on to another
third-party.)

Commercial firewalls (like firewall 1) will accept plugins that handle mail
relaying for you, but the "turnkey Linux ones" won't, AFAIK.

You need some mail relay. Linux SENDMAIL is probably the best solution.

Regards,

Mark

-----Original Message-----
From: Rob Mouser [mailto:rmouser@xxxxxxx]
Sent: 13 June 2002 13:43
To: Ukha (E-mail)
Subject: [ukha_d] Demon Email


Hi 

This is a little 'wide' but I feel it is relevant to us HA people. We
have a Demon Web account here and was infact on the verge of setting
one
up for home (Fixed IP etc, ISDN, fixed cost etc.....However don't post
on this as its not the subject!) HOWEVER we have just had external
email
banned by Demons Abuse Team due to our MS Exchange Server v5.0 (Part of
SBS Ver4.0)beeing venerable to email spammers using relay. I've spoken
to Demon and done some research and it appears that Exchange Ver5.0
cannot be protected against relay attacks! Only Ver5.5 has sufficient t
functionality to block relay use.

OK so we cannot upgrade to 5.5 (Various issues with compatibility with
some bespoke software supplied by another company.) (Or in effect SBS
v4.5) at this precise moment and so the only option is to add a
firewall
to the network (25 users) anyone got any recommendations that will do
the trick? As long as Demon can telnet in and get refused they will
open
us back up.

Yours bemused and confused.........

Many Thanks
Rob
Rob Mouser
rmouser@xxxxxxx
rob@xxxxxxx


For more information: http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx 
Subscribe:  ukha_d-subscribe@xxxxxxx 
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx 
List owner:  ukha_d-owner@xxxxxxx 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/



________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________


For more information: http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx 
Subscribe:  ukha_d-subscribe@xxxxxxx 
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx 
List owner:  ukha_d-owner@xxxxxxx

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.