[ctw] Re: ForgedHELO

  • From: "IBS Ltd." <admin@xxxxxxxxxxxx>
  • To: ctw@xxxxxxxxxxxxx
  • Date: Fri, 10 Jul 2009 01:37:44 -0300

Hi,

Scratch my last message for not being able to send to the outside world... that was an LDAP issue - shutting off LDAP was the solution - I can now email out (yeah for me). hehe... sheesh... only two thousand options left to figure out!!

ASSP is an excellent application... just lots of tweaking (for me anyway)...

I am still seeing the spoofing issue - shutting off the check allowed things to pass through ok...

In order to activate the spoof check - do I have to force authentication on 587?

I am trying to get this to work without Force SMTP AUTH... I have many users I will be moving to assp - having them make a bunch of changes to their email applications, devices etc. is not the preferred method - but I am starting to think it is the only method...

Comments? Suggestions?

Thanks for the help with the forgedHELO Tom - I never would have figured that out...




On Jul 9, 2009, at 7:23 PM, Tom Shaw wrote:

I am about to release 1.5.1.3 so I do not have the exact same config as before.

Do you have DoFakedUseLocalDomain set or do you use DoFakedUseLocalDomain?

At 9:38 PM -0300 7/8/09, IBS Ltd. wrote:
Using ASSP 1.5.1.2
Localdomains populated

I have searched through the list - not finding an answer... I am obviously missing something. <//www.freelists.org/post/ctw/Forged-Helos-Blocked-Now-invalid-local-sender>
- using the above my settings are the same as Tom's.

All hosts that connect are connecting as Forged -

Sample from log below: test from hotmail.

Jul-8-09 21:13:52 [ForgedHELO][alltestmode] 65.55.90.15 <ibsltd@xxxxxxxxxxx> to: info@xxxxxx
 [spam found] and passing because alltestmode, otherwise blocked
(ForgedHELO:'snt0-omc1-s4.snt0.hotmail.com') ->
  /applications/assp/spam/6456.eml


Received: from snt0-omc1-s4.snt0.hotmail.com ([65.55.90.15] helo=snt0-omc1-s4.snt0.hotmail.com)
        with IPv4:25 by mail.XXX.ca; 8 Jul 2009 21:13:51 -0300
Received: from SNT102-W11 ([65.55.90.9]) by snt0-omc1-s4.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
         Wed, 8 Jul 2009 17:08:52 -0700
Message-ID: <SNT102-W119ED061A9060A05FA657CCB260@xxxxxxx>
Return-Path: XXX@xxxxxxxxxxx
Content-Type: multipart/alternative;
        boundary="_42c7b169-acdf-4780-a33a-bba737de351e_"
X-Originating-IP: [0.0.0.0]
From: XXX <XXX@xxxxxxxxxxx>
To: "info@xxxxxx" <info@xxxxxx>
Subject: test
Date: Wed, 8 Jul 2009 21:38:51 -0200
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 09 Jul 2009 00:08:52.0206 (UTC) FILETIME=[70F230E0:01CA0029]

--_42c7b169-acdf-4780-a33a-bba737de351e_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Any suggestions?

--Gary
Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq

