Phil Trubey wrote:
>Does anyone know of any mail system or firewall that implements this? I
>seem
>to remember that Microsoft Exchange server's SMTP gateway allows you to
>do
>this, which is hilarious considering Microsoft's poor reputation for
>security.
>
Phil,
It is not difficult to do in your sendmail.cf file if your mail agent
is sendmail. Regardless of the mail agent, for an externally visible
mail relay I suggest spooling incoming mail to a queue which is processed
by another mail agent. If you are using a somewhat more paranoid
architecture where mail from within your firewall goes outbound via
another route and never touches your incoming queue, you then have
the ability to use various means to examine the envelope-recipient and
header-recipient. Messages not destined for an internal user can be
handled appropriately at that time.
Cheers,
_Strata
==========================================================================
M. Strata Rose strata @
synopsys .
com Synopsys, Inc.
Senior Systems Administrator (415) 528-4807 Mountain View, CA
Acting Security Architect FAX (415) 694-1627 (415) 962-5000
==========================================================================
|
|
