OK. I've used a couple of "open relay checking website" which report "relay accepted" for 3-5 of their tests BUT I can see in the /var/log/exim/main.log that each has a corresponding "rejected RCPT <[email protected]>: discarded by RCPT ACL"
Does this mean All is good? Ritchie From: [email protected] [mailto:[email protected]] On Behalf Of Ritchie P. Fraser Sent: 06 September 2013 14:41 To: Baruwa users list Subject: Re: [Baruwa] Open Relay WTF! exim restarted... $ service MailScanner restart Shutting down MailScanner daemons: MailScanner: [ OK ] incoming exim: [ OK ] outgoing exim: [ OK ] Waiting for MailScanner to die gracefully ... dead. Starting MailScanner daemons: incoming exim: [ OK ] outgoing exim: [ OK ] MailScanner: [ OK ] And added our Exchange Server to the organization... Outbound relay settings Relay Host: 192.168.0.101 From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Jeremy McSpadden Sent: 06 September 2013 14:32 To: Baruwa users list Subject: Re: [Baruwa] Open Relay WTF! Ok, that should have closed up the relay. Restart exim. I am assuming you want to allow your exchange server to relay through ? Go to the Organization and click it's name. In the top right you will see Add Relay Settings. -- Jeremy McSpadden Flux Labs, Inc | http://www.fluxlabs.net<http://www.fluxlabs.net/> | Endless Solutions Office : 850-250-5590x101<tel:850-250-5590;101> | Cell : 850-890-2543<tel:850-890-2543> | Fax : 850-254-2955<tel:850-254-2955> On Sep 6, 2013, at 8:29 AM, "Ritchie P. Fraser" <[email protected]<mailto:[email protected]>> wrote: OK I have uncommented the first and commented out the second lines in the config... domainlist relay_sql_domains = RELAY_SQL_DOMAINS #domainlist relay_sql_domains = There are no records in the relaysettings table. Ritchie From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Jeremy McSpadden Sent: 06 September 2013 14:12 To: Baruwa users list Subject: Re: [Baruwa] Open Relay WTF! Your config: #domainlist relay_sql_domains = RELAY_SQL_DOMAINS domainlist relay_sql_domains = You've made some changes and therefore opened it up as a relay. https://github.com/fluxlabs/baruwa/blob/master/2.0/extras/centos/config/exim/exim.conf#L5 == domainlist relay_sql_domains = RELAY_SQL_DOMAINS Let's take a look at your tables in postgres to see what IPs your allowing to relay. --- su - postgres psql -d baruwa \dt --- You will see the list of tables ... 'relaysettings' is pulled from the Organization ( http://baruwa.domain.com/organizations/1/outbound/add ) --- SELECT * FROM relaysettings; --- baruwa=# SELECT * baruwa-# FROM relaysettings; id | address | username | password | enabled | org_id ----+---------------+----------+----------+---------+-------- 1 | x.x.x.x | | | t | 1 2 | y.y.y.y | | | t | 2 (2 rows) Do you have any odd entries? -- Jeremy McSpadden Flux Labs, Inc | http://www.fluxlabs.net<http://www.fluxlabs.net/> | Endless Solutions Office : 850-250-5590x101<tel:850-250-5590;101> | Cell : 850-890-2543<tel:850-890-2543> | Fax : 850-254-2955<tel:850-254-2955> On Sep 6, 2013, at 7:18 AM, Ritchie P. Fraser <[email protected]<mailto:[email protected]>> wrote: List people. It seems that my exim/MailScanner/Baruwa mail server is an open relay! I have looked at the exim documentation Baruwa documentation and just can't figure out what I have to do. My system was installed using Jeremy's script and the configuration file for exim has been heavily modified by the baruwa script. How do I close the open relay? Kind Regards Ritchie _______________________________________________ http://pledgie.com/campaigns/12056
_______________________________________________ http://pledgie.com/campaigns/12056
