(1) Why am I not using it? Because I am a cautious person, and I
haven't had to reboot our mail server in over a year. Every time
someone posts to this list about a problem they are having with
SMTPRCV, it makes me take another step back from the decision to use
it. Like any software upgrade or change, I have to be convinced that
the new features of the upgrade outweigh any potential problems.
Also, my server is running W2K3, and Klint posted to this list that
even he wasn't sure what issues there might be with W2K3.
(2) When I originally installed antirelay, localnets was set to yes.
At least until my mail server was declared an open relay by
www.ordb.org, then I had to set localnets to no. What is it that
www.ordb.org didn't like about localnets being set to yes? Though
this happened three years ago, www.ordb.org may be testing
differently now.
(3) With localnets off, any email sent by cgi to a local account on
the server gets there no problem. Two examples are SOUPERMAIL (a
form handling cgi) and ASP.NET applications, both of which are
sending email under these conditions.
Gary
A number of points:
(1) Why aren't you using SMTPRCV? Antirelay doesn't catch all possible
relays, and it should be avoided. (Perhaps you are, and you have just not
made it clear whether you are talking about the Antirelay program or the
antirelay function is SMTPRCV.)
(2) The IPs in the localnets setting are the ones that the mail actually
comes from. It would be impossible for a spammer to send mail from a
loopback address like 127.0.0.1 unless they have a virus running on your
server. That's different than domains that resolve to 127.0.0.1 or explicit
use of 127.0.0.1, both of which have no impact on relay processing.
(3) If you have localnets off, you shouldn't be able to send any mail at all
through the server, as all outgoing mail would look like a relay attempt
(effectively, that's what it is). So I would not be surprised if you can't
get a CGI to send through the server. If you can send mail through it, it
probably is because of one of the antirelay bugs... I believe that setting
is intended for receive-only servers (like my incoming server).
Randy.
Gary Steiner wrote:
> In antirelay, I've always had localnets set to "no" as it seems that
> spammers are able to exploit the use of 127.0.0.1, which is something
> that open relay testers like www.ordb.org can catch. But how does
> that affect local mail sent by things like cgi form handlers? Is
> there a better setup for localnets than what comes as the
> antirelay.ini default?
This is the discussion list for the IMS Free email server software.
To unsubscribe send mailto:[EMAIL PROTECTED]
Delivered by Rockliffe MailSite
http://www.rockliffe.com/mailsite
Rock Solid Software (tm)
