[prev in list] [next in list] [prev in thread] [next in thread]
List: popbsmtp-users
Subject: Sendmail rules for popbsmtp make me an open relay! Help!
From: "Spam" <confirm () corn-bread ! org>
Date: 2005-04-12 0:58:25
Message-ID: 00a301c53f02$6fa58490$951ea8c0 () TESTDOMINO
[Download RAW message or body]
I have been running pop-before-smtp for quite some time now.
Recently I wound up on the njabl.org blacklist. Out of 15 relay tests, I
failed
the last one!!
The relay that got through looked something like this:
rcpt to: relaytest%rr.njabl.org@
Usually this an error that is due to using linuxconf to configure sendmail.
But in this case,
I plugged in my linux conf rules sans the pop-before-smtp code, and that
relay attempt was denied.
This leads me right to the fact that it is the pop-before-smtp code that is
allowing the relay.
(and yes, before you ask: I ran my tests from a server that was NOT in the
pop auth database).
The relevant section of my sendmail.cf file is as follows:
SLocal_check_rcpt
R$* $: $(popauth $&{client_addr} $: <?> $)
R<?> $@ NoPopAuth
R$*<OK> $# OK
Scheck_rcpt
R$* $: $(dequote "" $1 $)
# first: get client address
R$+ $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $* $@ ok client_addr is 0 for sendmail -bs
R$={LocalIP}$* $| $* $@ ok from here
# next: get client name
R$* $| $+ $: $(dequote "" $&{client_name} $) $| $2
R $| $* $@ ok no client name: directly invoked
#R$- $| $* $@ ok for those without full DNS...
R$*$=w $| $* $@ ok from here
R$*$={LocalNames} $| $* $@ ok from allowed system
#R$* $| $* $: $(popauth $1 $)
#ROK $@ OK
# now check other side
R$* $| $* $: $>3 $2
# remove local part
R$+ $:$>removelocal $1
#check popauth.db
R$* $: $1 $| $>"Local_check_rcpt" $1
R$* $| $#$* $#$2
# still something left?
R$*%$*<@> $#error $@ 5.7.1 $: 551 We do not relay
R$*<@$+>$* $#error $@ 5.7.1 $: 551 we do not relay
The $Local_check_rcpt and #check popauth.db sections are the only two that
are different
from my normal config.
So what should I change to stop these tests? Help!
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
popbsmtp-users mailing list
popbsmtp-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/popbsmtp-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic