[olug] qmail relay problem

neal r neallist at wispair.net
Fri Mar 7 21:44:37 UTC 2003 

Christopher Cashell wrote:

> At Tue, 04 Mar 03, Unidentified Flying Banana neal r, said:
> >    I've been getting messages periodically from various places
> > indicating that my SMTP server is an open relay - I've got it configured
> > to relay for a limited number of internal addresses. I went to abuse.net
> > and used their web query thing and I did get this result  -  it appears
> > that the machine is at least accepting this form of spam - anyone know
> > how to lock this down?
>
> Have you tried testing it manually?
>
> What are you using to allow for connection handling and relaying?  Are
> you using tcpserver?  Assuming so, do you have the tcpserver cdb setup
> to only allow internal addresses to relay?  And do you have the QMail
> rcpthosts file setup properly?
>

  tcpserver, set up to only talk to internal subnets

  rcpthosts only accepts stuff for our domain - mail.wispair.net,
wispair.net, etc


>
> > >>> RSET
> > <<< 250 flushed
> > >>> MAIL FROM:<spamtest@[63.170.238.6]>
> > <<< 250 ok
> > >>> RCPT TO:<relaytest%abuse.net@[63.170.238.6]>
> > <<< 250 ok
>
> There are certain configurations where QMail will initially appear to be
> accepting a message, but will later reject it.  It's hard to say with
> 100% certainty without testing it.
>

  I strongly suspect that is what is happening - but I keep getting these
open relay mail messages - I've been scheduled for testing yadda yadda yadda


>
> I'd suggest testing it manually, either via telnet to port 25 if you're
> comfortable with basic SMTP commands, or by grabbing the rlytest utility
> (google for it and you'll find it, it's a simple perl script; just edit
> it so it sends the e-mail back to you, so you can see if it's getting
> through (though, you might have to use an "alternate" address, so it
> doesn't get let through as valid mail).
>
> Feel free to contact me if you're still having trouble.
>
> --
> | Christopher
> +------------------------------------------------+
> | A: No.                                         |
> | Q: Should I include quotations after my reply? |
> +------------------------------------------------+
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug

More information about the OLUG mailing list