On Tue, 26 Oct 2004, tonix (Antonio Nati) wrote:
Patch is working in a production enviromnent, but it is anyway released as "development" version, because changes are so important that I'ld like to have a wider testing.
As usual, please help me testing it. Any bug warning, feedback or comment is welcome!
It looks like there are some issues with verifying the sender dns...
Two things I've noticed:
-This patch seems to undo the "mfcheck" patch. Previous to patching with chkuser, qmail-smtpd would reject any mail without a proper dns entry for the envelope sender, now it seems to let that all through. My only patches are Bill Shupp's toaster patch and chkuser 2.0.7.
-Turning on what I think is the equivalent option in chkuser does not seem to do anything (#define CHKUSER_SENDER_MX).
For example, with /var/qmail/control/mfcheck set to 1 and the above define set in chkuser_settings.h:
[EMAIL PROTECTED]/home/spork]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost Escape character is '^]'. 220 xena.foo.net UCE PROHIBITED ESMTP mail from: [EMAIL PROTECTED] 250 ok quit 221 xena.foo.net UCE PROHIBITED Connection closed by foreign host.
And just to be sure, from outside any tcprules checks:
[EMAIL PROTECTED] telnet mail.foo.net 25 Trying 216.220.96.26... Connected to mail.foo.net. Escape character is '^]'. 220 xena.foo.net UCE PROHIBITED ESMTP mail from: [EMAIL PROTECTED] 250 ok quit 221 xena.foo.net UCE PROHIBITED Connection closed by foreign host.
[EMAIL PROTECTED] host -t mx no.real.domain.here.tv.us Host not found.
That should be rejected outright, correct?
Thanks,
Charles
Tonino
------------------------------------------------------------ [EMAIL PROTECTED] Interazioni di Antonio Nati http://www.interazioni.it [EMAIL PROTECTED] ------------------------------------------------------------
