I found that the only way to not have an open relay was by following a
document in the Ipswitch Knowledge Base (Doc IM-19980116-JB02) "IMail - Mail
Relay Options."
To boil it down, for SMTP Security, you must select either "No Mail Relay"
or "Relay for Addresses." Any other selection leaves the server open for
relaying Spam.
Any user other than the ones on the server machine will, by definition, need
to have their mail "relayed" by the server. The solution is for those users
(those who have an account on the server) will need to set "My SMTP server
requires authentication" in their mail client software.
The other option, if "Relay for Addresses" is selected for the server, is to
set the users IP address (presumably static) in the list of "Addresses."
A note about Macintosh computers. I have yet to figure out how to
successfully "Authenticate" to the server. I have set it to authenticate,
but it apparently doesn't work (for Outlook Express 5). Fortunately, I had
the foresight to order a static IP with my DSL, so I'm using the "Relay for
Addresses" option. We managed to get off a couple of "bad guy" lists.
Lee
--
Lee Woolman [mailto:[EMAIL PROTECTED]]
Phone (805) 987-3643 voice or fax
http://cybrhost.com - High Speed Ecommerce Hosting
> From: kaigler <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Thu, 23 Aug 2001 21:51:18 -0500
> To: [EMAIL PROTECTED]
> Subject: [IMail Forum] ORDB.org Continued.....
>
> Scott,
>
> I apologize for sending this to you but the imail list is not in good
> shape, I find my messages sometimes never make it there and other
> times it makes it there in a very untimely fashion.
>
> Is this something you could help me with?
>
> I noticed the other day my logs were growing exponentially. Today I had
> the time to look at it. This was my reply to anothers similar problem.
>
> thanks in advance,
> Bill Kaigler
> --------------------------------
>
> I find this funny that over the last week my logs have become enormous
> because of ORDB. I work for an association that sends out blast emails to
> their members. Some of these members are hosting somewhere that believes
> in ORDB.
>
> So, I have no choice but to comply to some third parties rules or suffer
> the consequences of bounced emails and huge logs and more drain on the
> server since they are replying no each of the 20 times I try to send out an
> email.
>
> If someone could help me make sure I have the right fields checked I would
> appreciate it. Here is some background information:
>
> Imail 6.05 (I am waiting to switch, I have the disks but no time. Is it
> safe to go to 7?)
> I use killer web templates
> A lot of my clients members use aol and compuserve so I need to be able to
> allow compuserve and aol to switch ip's every refresh.
>
> * I want to only relay mail for local users (I assume this means any domain
> on my server and any of their users)
>
> So I have the following checked:
>
> Relay for local users only
>
> Allow remote mail to local groups
> Refuse Null<>Senders
> Check valid sender
> Auto deny possible hack events
> Disable smtp VRFY command
>
>
> Am I good to go?
>
>
> thanks,
> Bill Kaigler
>
>
>
> At 09:18 AM 8/22/2001 -0400, you wrote:
>
>>> Does anybody know, "Am I being shakin down here?"
>>
>> No.
>>
>>> Who is ORDB.org and where did they come from....
>>
>> They are one of the handful of replacements for ORBS that popped up when
>> Alan decided to quickly shut down ORBS.
>>
>>> I am getting mail saying that I am relaying mail from them and that i will
>>> be listed in their DB of open relays.
>>
>> Well, that begs the question: Are you relaying?
>>
>> The answer, for you, is "no and yes" (in that order). The chances of a
>> spammer using your open relay are small, because the obvious hole is
>> closed. But you still do have a hole.
>>
>>> This guy Boll Overgaard says that his software is more up to date than the
>>> other spamcops after I sent him the Maps results. Is there no standard
>>> for the
>>> police?
>>
>> Nope. You can't just say "I'm not an open relay". It's kind of like
>> telling a cop, "Please don't arrest me, I'm innocent." You have to prove it.
>>
>> There are about 20 different ways that a spammer can relay through your
>> mail server. Someone recently posted a link to a site (
>> http://www.abuse.net ?) that tests most of those ways.
>>
>>> This spamcop thing is starting to remind me of ASCAP and BMI in the music
>>> industry.
>>
>> Not many people will block based on ORDB. They know better.
>>
>>> I do not have relaying for addresses set-up. Is that ORDB's business?
>>
>> YES! It is their business to know if you are an open relay. Whether or
>> not that is *right* is quite debatable.
>>
>>> My log sizes are consistent and no huge abuse attempts are obvious. Many are
>>> trying...... I am sure that someone slips through. But is that what this
>>> ORDB guy is saying...."no-one gets through or I put you on my list?"
>>
>> Yes. But, if you are set up properly, no-one should be able to get
>> through (except your own customers, but ORDB won't list you for that --
>> others take care of that).
>>
>>> But still, the point being is that I am OK with the other spamcops.
>>
>> But it's possible that they don't have you listed because they don't know
>> of a spamming method that ORDB does know about.
>>
>>> All I need is an understanding of what these want without someone getting
>>> weird about it and just telling me to fix it or else.
>>
>> Now we come to the point.
>>
>> Go to your \IMail\spool\SYS0819.TXT file.
>>
>> Search for "spamtest@". You'll see where the E-mail came in, and where it
>> was delivered.
>>
>> You'll need to contact IMail about how to fix the problem. Since you're
>> running IMail 4.x, you'll probably need to upgrade in order to get off of
>> ORDB. Or, don't upgrade, and accept being on ORDB knowing that very few
>> people are going to block your mail.
>>
>> -Scott
>> ---
>> Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
>> IMail. http://www.declude.com
>>
>>
>>
>> Please visit http://www.ipswitch.com/support/mailing-lists.html to be
>> removed from this list.
>>
>> An Archive of this list is available at:
>> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
