No, the last line ":allow" allows people to send mail to you
if the line said ":allow,RELAYCLIENT=""" then you would allow relay mail to
anyone.
a ":deny" would deny any attempts to connect to the tcpserver connection
that were not specifically allowed.
A better idea would be for the original poster to post the logs as proof
that there is a relay happening, and if were lucky some headers and the smtp
logs too.
-- Tim
----- Original Message -----
From: "Todd Finney" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 17, 2001 8:47 PM
Subject: Re: unauthorized relay :-(
> At 08:55 PM 5/17/01, Roger Walker wrote:
> > My admin mailbox has been filling up with bounces from
> > aol.com -
> >obvious SPAM that appears to have originated from my qmail system
> >(running
> >ucspi-tcp-0.88 and daemontools-0.70. Here's my rather simple config
> >for
> >tcpserver:
> >
> >127.0.0.1:allow,RELAYCLIENT=""
> >206.75.255.:allow,RELAYCLIENT=""
> >10.:allow,RELAYCLIENT=""
> >:allow
> >
> > The first line is for localhost, the second for my class 'C',
> > the
> >third for private network stuff behind a firewall and through a VPN. I
> >presume the last is to allow anyone to connect to allow them to send
> >to my
> >hosted domains.
>
> Doesn't that last allow line cause an open relay?
>
> http://cr.yp.to/ucspi-tcp/tcprules.html
>
> "The instructions in a rule must begin with either allow or deny. deny
> tells tcpserver to drop the connection without running anything. For
> example, the rule
> :deny
> tells tcpserver to drop all connections that aren't handled by more
> specific rules."
>
> The fact that your local domains appear in the control files is what
> allows the host to receive mail for the domains, not tcpserver.
>
> Todd
>
>
>
>
