[olug] qmail relay problem

Brian Roberson roberson at olug.org
Wed Mar 12 05:57:03 UTC 2003


Neal, send us the output of:
/var/qmail/bin/showctl
cat /etc/tcp.smtp ( or wherever you put it )
cat /your/qmail/startup/script/whatever/you/may/be/using


user%domain@[ip.dot.quad]  is a commonly mis-conceived relay check for qmail
( after-the-fact bounce instead of an immediate drop at the smtp level )




----- Original Message -----
From: "neal r" <neallist at wispair.net>
To: <olug at olug.org>
Sent: Friday, March 07, 2003 3:44 PM
Subject: Re: [olug] qmail relay problem


> Christopher Cashell wrote:
>
> > At Tue, 04 Mar 03, Unidentified Flying Banana neal r, said:
> > >    I've been getting messages periodically from various places
> > > indicating that my SMTP server is an open relay - I've got it
configured
> > > to relay for a limited number of internal addresses. I went to
abuse.net
> > > and used their web query thing and I did get this result  -  it
appears
> > > that the machine is at least accepting this form of spam - anyone know
> > > how to lock this down?
> >
> > Have you tried testing it manually?
> >
> > What are you using to allow for connection handling and relaying?  Are
> > you using tcpserver?  Assuming so, do you have the tcpserver cdb setup
> > to only allow internal addresses to relay?  And do you have the QMail
> > rcpthosts file setup properly?
> >
>
>   tcpserver, set up to only talk to internal subnets
>
>   rcpthosts only accepts stuff for our domain - mail.wispair.net,
> wispair.net, etc
>
>
> >
> > > >>> RSET
> > > <<< 250 flushed
> > > >>> MAIL FROM:<spamtest@[63.170.238.6]>
> > > <<< 250 ok
> > > >>> RCPT TO:<relaytest%abuse.net@[63.170.238.6]>
> > > <<< 250 ok
> >
> > There are certain configurations where QMail will initially appear to be
> > accepting a message, but will later reject it.  It's hard to say with
> > 100% certainty without testing it.
> >
>
>   I strongly suspect that is what is happening - but I keep getting these
> open relay mail messages - I've been scheduled for testing yadda yadda
yadda
>
>
> >
> > I'd suggest testing it manually, either via telnet to port 25 if you're
> > comfortable with basic SMTP commands, or by grabbing the rlytest utility
> > (google for it and you'll find it, it's a simple perl script; just edit
> > it so it sends the e-mail back to you, so you can see if it's getting
> > through (though, you might have to use an "alternate" address, so it
> > doesn't get let through as valid mail).
> >
> > Feel free to contact me if you're still having trouble.
> >
> > --
> > | Christopher
> > +------------------------------------------------+
> > | A: No.                                         |
> > | Q: Should I include quotations after my reply? |
> > +------------------------------------------------+
> >
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > http://lists.olug.org/mailman/listinfo/olug
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>




More information about the OLUG mailing list