yes, it should let you connect, as thats how other mail servers out
on the internet connect and send mail to people within your domain.
I was thinking you could manually talk the SMTP protocol and try
relaying to domains outside your mail server to see if it says relaying denied.
Can you find the IP that is relaying the spam? Does it indeed start
with 128? How are you figuring that the one particular email address
is doing the spamming, just because it is in the From address, or what?
At 02:04 PM 3/27/2013, you wrote:
When I tried telnet to the mail server from outside the network on port 25.
It let me connect with out authenticating. Should it have ? how can I stop
this .
-----Original Message-----
From: Jon Myers [mailto:myer...@alfredstate.edu]
Sent: Wednesday, March 27, 2013 1:12 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] Relaying
Did you really REMOVE sender_nocheck, or did you just set it to 0? I'm
guessing you should have just set it to 0.
Also, by nature, users should be allowed to relay, as thats how they send
mail, but of course they need to authenticate first, unless they are coming
from the local network, in which you can typically bypass checking.
After editing /etc/tcprules.d/tcp.smtp be sure to rebuild with
"/etc/init.d/qmail cdb" (Sorry if I'm pointing out the obvious, just never
know who knows what) Also, you specify:
128.:allow,RELAYCLIENT=""
which means anyone from 128.0.0.0/8 can freely relay. Is that really what
you want? The whole class A?
If you telnet into your mail server from outside your network, can you still
relay without even logging in as a user? (Do you speak fluent SMTP?)
At 12:44 PM 3/27/2013, Rvaught wrote:
>I tried removing sender_nocheck=1 and I am still relaying outside
>mail on that account.
>
>
>
>From: Helmut Fritz [mailto:hel...@fritz.us.com]
>Sent: Wednesday, March 27, 2013 12:18 PM
>To: qmailtoaster-list@qmailtoaster.com
>Subject: RE: [qmailtoaster] Relaying
>
>I believe sender_nockeck=1 is the issue? I think that turns off
>authentication for senders. others with a lot more expertise in tcp
>rules than I will hopefully confirm.
>
>From: Rvaught
>[<mailto:rvau...@libertycasting.com>mailto:rvau...@libertycasting.com]
>Sent: Wednesday, March 27, 2013 8:54 AM
>To:
><mailto:qmailtoaster-list@qmailtoaster.com>qmailtoaster-list@qmailtoaster.c
om
>Subject: [qmailtoaster] Relaying
>
>Somehow I have something setup wrong now and I am having spam being
>relayed thru my email server on one email account . I have changed
>their password. I think I have something wrong in my tcprules.d
>file . I want to allow local users to send mail but block relaying.
>
>I have :
>127.:allow,RELAYCLIENT=""
>192.:allow,RELAYCLIENT=""
>128.:allow,RELAYCLIENT=""
>:allow,BADMIMETYPE="",SENDER_NOCHECK="1",CHKUSER_RCPT_FORMAT="0",CHKUSER_SE
NDER_FORMAT="0",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="75",CHKUSER_WRONGRCPTLI
MIT="50",QMAILQUEUE="/var/qmail/bin/simscan"
>
>192 and 128 are my local networks.
>
>
>Rick
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
