|
Hi there:
The panorama looks like this:
I have 2 Imail Servers with Relay Settings as
"Relay mail for Addresses" and SMTP AUTH in both servers. The IP address of each
server is allowed at the other server IP Table. So, this weekend (After more
than 3 years with this config and never been an openrelay) , i started receiving
a lot of OPENRELAY emails from a lot of places.
Reported OPENRELAY SERVER: dns2.geo.net.co
(200.69.97.12)
My OTHER IMail
Server: geo.net.co
(200.69.97.11)
The logfile shows for the ordb.org
test:
06:24 08:19 SMTPD(2DFC00BE) [200.69.97.12] connect
62.242.0.190 port 1977
06:24 08:19 SMTPD(2DFC00BE) [62.242.0.190] EHLO localhost.localdomain 06:24 08:19 SMTPD(2DFC00BE) [62.242.0.190] MAIL FROM:<[EMAIL PROTECTED]]> 06:24 08:19 SMTPD(2DFC00BE) [62.242.0.190] RCPT TO:<@geo.net.co:[EMAIL PROTECTED]> 06:24 08:19 SMTPD(2DFC00BE) [62.242.0.190] D:\IMAIL\spool\D4fe72dfc00be33f9.SMD 936 06:24 08:19 SMTP-(00000878) processing D:\IMAIL\spool\Q4fe72dfc00be33f9.SMD 06:24 08:19 SMTP-(00000878) Trying geo.net.co (0) 06:24 08:19 SMTP-(00000878) Connect geo.net.co [200.69.97.11:25] (1) 06:24 08:19 SMTP-(00000878) 220 geo.net.co (IMail 7.15 90800-39) NT-ESMTP Server X1 06:24 08:19 SMTP-(00000878) >EHLO dns2.geo.net.co 06:24 08:19 SMTP-(00000878) 250-geo.net.co says hello 06:24 08:19 SMTP-(00000878) 250-SIZE 0 06:24 08:19 SMTP-(00000878) 250-8BITMIME 06:24 08:19 SMTP-(00000878) 250-DSN 06:24 08:19 SMTP-(00000878) 250-ETRN 06:24 08:19 SMTP-(00000878) 250-AUTH LOGIN 06:24 08:19 SMTP-(00000878) 250-AUTH=LOGIN 06:24 08:19 SMTP-(00000878) 250 EXPN 06:24 08:19 SMTP-(00000878) >MAIL FROM:<[EMAIL PROTECTED]]> 06:24 08:19 SMTP-(00000878) 250 ok 06:24 08:19 SMTP-(00000878) >RCPT To:<[EMAIL PROTECTED]> 06:24 08:19 SMTP-(00000878) 250 ok its for <[EMAIL PROTECTED]> 06:24 08:19 SMTP-(00000878) >DATA 06:24 08:19 SMTP-(00000878) 354 ok, send it; end with <CRLF>.<CRLF> 06:24 08:19 SMTP-(00000878) >. 06:24 08:19 SMTP-(00000878) 250 Message queued 06:24 08:19 SMTP-(00000878) rdeliver geo.net.co [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]]> 1063 06:24 08:19 SMTP-(00000878) >QUIT 06:24 08:19 SMTP-(00000878) 221 Goodbye 06:24 08:19 SMTP-(00000878) finished D:\IMAIL\spool\Q4fe72dfc00be33f9.SMD status=1 So, what i see is that he tries to send the email
through my other server (geo.net.co) and cause geo.net.co has 200.69.97.12 in
his IP Relay table, it sends the imail.
So how to prevent this ?
Thanks.!
Sergio Rinc�n Jaramillo HostMaster GeoNet S.A. TEL (574) 5104701 Fax (574) 2350160 L�nea �nica de Atenci�n al Cliente 3500111 Calle 34B N� 66� 42, Medell�n, Colombia Ya visit� nuestro sitio www.geo.net.co Las opiniones que se expresan en este e-mail son personales y no necesariamente coinciden con las de GeoNet S.A. Este e-mail y todos los archivos transmitidos en �l, incluidas las respuestas y los reenv�os (que pueden incluir modificaciones) son confidenciales y de uso exclusivo del destinatario original, no se debe revelar ni utilizar por una persona distinta al destinatario ni copiar por medio alguno. |
- Re: [IMail Forum] Help!, my server as OPENRELAY Sergio Rinc�n Jaramillo
- Re: [IMail Forum] Help!, my server as OPENREL... R. Scott Perry
- Re: [IMail Forum] Help!, my server as OPE... Sergio Rinc�n Jaramillo
- RE: [IMail Forum] Help!, my server as OPE... Mike Barber
- Re: [IMail Forum] Help!, my server as OPENREL... Len Conrad
- Re: [IMail Forum] Help!, my server as OPE... Sergio Rinc�n Jaramillo
- Re: [IMail Forum] Help!, my server as... Len Conrad
