[PLUG] Accused of being open relay and blocked still...

Steven A. Adams stevea at nwtechops.com
Sun Apr 20 12:10:02 UTC 2003


On Sun, 2003-04-20 at 00:29, Michael Robinson wrote:
> Trying to send an email maria at m-a-schmid.de from my michael at robinson-west.com 
> private mail account.  I don't know when the retest to see if I'm an open 
> relay happens and even if I am one.  I would assume not anymore because I have
> a rcpthosts file under /var/qmail/control that only lists hosts local to my 
> lan and my domain, robinson-west.com.  This is just irritating.


Hey Michael,
Adding rcpthosts to /var/qmail/control is a big part of stopping qmail
from being an open relay. There is one more thing though: Since qmail
runs under Dan Bernstein's tcpserver it uses tcprules to secure the port
25 connection. The rules are compiled into a .cdb file and read into
tcpserver with the -x option. Normally the rules are placed into
/etc/tcp.smtp and compiled with `/var/qmail/bin/qmailctl cdb`. You might
want to look into the /etc/tcp.smtp file and make sure that the only
entry is one that looks something like <10.0.0.:allow,RELAYCLIENT="">
where 10.0.0. is replaced with your internal network address. Once that
you have finished with tcpserver then you can be certain that you not an
open relay.

For more info, see Dan's notes at http://cr.yp.to.


-- 
Steven A. Adams <stevea at nwtechops.com>





More information about the PLUG mailing list