Quoting M.B. ([EMAIL PROTECTED]):
> > -----Original Message-----
> > From: Aaron L. Meehan [mailto:[EMAIL PROTECTED]]
> >
> > Fascinating. qmail is relay-proof by default, so you almost have to
> > purposefully mess up, unless doing something really dumb like
> > allowing percent hack or something, to allow it to relay. Then,
> > having messed up and knew it, you let it be a "rampant spam relay" for
> > a month? I hope I'm not reading that correctly--perhaps it
> > was rampant
> > for a month and you just happened to not notice and only did *today*.
>
> or perhaps he didn't understand the relay control stuff w/ tcpserver
> and didn't have rcpthosts in place or some such. there have been
> plenty of people who have innocently not understood that process
> and removed the file. i would not call it a purposeful breaking of
> qmail. and if you don't know that the percent hack stuff removal is
> "dumb", you may do it not knowing any better. inexperienced is not
> dumb.
Heck, I am being harsh, however "back in the day" when I first tackled
qmail and then switched our network from sendmail, anti-relay was first
and foremost in my mind. There was not anything in the way of Dave
Sill's "Life With qmail." Somehow I managed to muddle through without
us becoming among the vilified spam relays.
I suppose attention to detail is the key. Understanding your software
thouroughly *before* making the box available to the Internet-at-large
is essential. Allowing smtp connections, IMAP connections, POP3
connections, etc., without understanding the ramifications.. well I
guess there are just many more inexperienced administrators out there
nowadays. Disclaimer: I ain't perfect--but I try to pay attention to
detail :) If you don't, your network has just become a menace to the
rest.
Aaron
