At 9:22 AM -0800 2/4/03, Ernst Mulder imposed structure on a stream of electrons, yielding:
Hello,

We've been added to ORBS because our mail server(s) allows third-party
relaying.

Some facts:

IMPORTANT ROUTER TABLE EXCERPTS

    <*@grafisis.nl> = * ; For local delivery

SMTP SETTINGS

    Relay for Clients Only = ON
    Verify Return Paths = ON
    Client Hosts contains only local addresses

TEST RESULTS (Using the Router Test, or by ORBS)

    in:  [EMAIL PROTECTED]
    out: marvin at SMTP(marvin.ordb.org) (safe)

And indeed it does relay the message outside!!!!
Let's be clear: ORBS no longer exists: its last operator is currently a fugitive from the law in his home country of New Zealand. You have a machine listed in ORDB, which is a very different operation.


What can I do about it? On first view it really seems to be a router bug. Am
I correct?
I do not think so.

The machine listed in ORDB is 195.64.40.46, your secondary mail server, aka bougie. Your primary (pakking) IS NOT listed.

I suspect that the problem lies in the client list on pakking. There should be no need for bougie to be in the client list on pakking, and if you have it there, anything offered to pakking by bougie will be relayed.

Note that to be a secondary mail exchanger for your domain, bougie should never need to relay mail through pakking, only offer it mail for final delivery, and for that you do not need to include it in the client list.

This DOES point up a flaw in SIMS. There is no way to tell SIMS that it should always accept mail coming from a particular machine for delivery, but not for relay. Some people prevent the 'TempBan' blacklisting of their secondary by adding it to the client list of their primary, but this makes their machines a multi-stage relay: relay tests offered to the first machine with routing tricks in the target address pointing the mail at the primary will get relay tests through. There are few if any spammers who actually use this sort of trick with anything like the sophistication of the rabid relay testers, but it is at least a theoretical hole through which spam could be pumped.

As a solution, I suggest reconsidering whether you really have any use for that secondary mail exchanger. Being in the same /24 network, they are not going to see much difference in connectivity to the world at large, so unless there's some reason that pakking is routinely offline, you really don't gain much of anything from having bougie as a secondary and with SIMS, you end up having to decide between this small relay hole and the risk of TempBanning the secondary when you really need it.


--
Bill Cole
[EMAIL PROTECTED]
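
Added example, not part of the message above and not SIMS code: a small audit for the configuration discussed in the reply, flagging any secondary MX that the primary's client list would relay for, including when the secondary is covered by a network block rather than listed individually. The host names come from the thread; the addresses (documentation range), MX preferences and client lists are constructed assumptions.

```python
import ipaddress

def trusted_secondaries(mx_hosts, client_list):
    """Return secondary MX hosts that fall inside the primary's client list.

    mx_hosts:    list of (preference, name, ip); lowest preference = primary.
    client_list: entries from the primary's relay-allowed client list,
                 each a single address or a CIDR block.
    Result:      list of (name, ip, matching_entry), one per exposed secondary.
    """
    nets = [ipaddress.ip_network(entry, strict=False) for entry in client_list]
    ordered = sorted(mx_hosts)
    primary_pref = ordered[0][0]
    findings = []
    for pref, name, ip in ordered:
        if pref == primary_pref:
            continue  # only secondaries create the two-stage relay path
        addr = ipaddress.ip_address(ip)
        for net in nets:
            if addr in net:
                # Mail handed over by this secondary is treated as client
                # mail by the primary, so it is relayed, not just delivered.
                findings.append((name, ip, str(net)))
                break
    return findings

# Constructed sample data (addresses are from the 192.0.2.0/24 documentation
# range, not the real hosts' addresses).
MX = [(10, "pakking", "192.0.2.10"), (20, "bougie", "192.0.2.46")]

# A "local addresses only" client list that covers the whole /24 still
# includes the secondary, because both servers sit in the same network.
CLIENTS_WIDE = ["127.0.0.1", "192.0.2.0/24"]

# A client list limited to a workstation range leaves the secondary out.
CLIENTS_NARROW = ["127.0.0.1", "192.0.2.128/25"]

if __name__ == "__main__":
    for label, clients in (("wide", CLIENTS_WIDE), ("narrow", CLIENTS_NARROW)):
        hits = trusted_secondaries(MX, clients)
        print(label, hits if hits else "no secondary MX in client list")
```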

