Date:      Thu, 19 Jun 2003 22:11:54 +0930
From:      Steven Wiltshire <steven@mig15.net>
To:        Andreas Widerøe Andersen <awand@pragma.no>, freebsd-questions@freebsd.org
Subject:   Re: Do I have an open relay?
Message-ID:  <3EF1AF92.2070403@mig15.net>
In-Reply-To: <5.2.0.9.0.20030619141344.02971008@mail.pragma.no>
References:  <5.2.0.9.0.20030619141344.02971008@mail.pragma.no>

Hello Andreas,

You may have an open relay.

What does your "/etc/mail/access" file look like? It should contain the 
networks or IP addresses you wish to be able to use your server to relay 
through.

For example, mine looks similar to this:
--------------------------

10.0.0          RELAY
127.0.0.1   RELAY

(where my local network is 10.0.0.0/24)

--Steven

Andreas Widerøe Andersen wrote:

> Hi,
> I'm a bit nervous here. Recently I've started getting 20-25 mails to 
> my Postmaster account on my FreeBSD 4.8RC server running Sendmail 
> 8.12.8/8.12.8 each day with a message to Postmaster that the mail 
> could not be delivered.
>
> In the daily run output from the server I see messages like these:
>
> Mail in local queue:
>                 /var/spool/mqueue (15 requests)
> -----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
> h5IGWCj5047460     4477 Wed Jun 18 18:44 MAILER-DAEMON
>                  (Deferred: Connection refused by mobilemice.com.)
>                                         <RevaO@mobilemice.com>
> h5HJ1xj4020111     4251 Tue Jun 17 21:03 MAILER-DAEMON
>                  (Deferred: Connection refused by distanteye.com.)
>                                         <FKettle@distanteye.com>
> h5HFHEj3015655     3298 Tue Jun 17 17:17 MAILER-DAEMON
>                  (host map: lookup (triplepipe.com): deferred)
>                                         <Jestine.Lack@triplepipe.com>
>
> I have no relations with these hosts.
>
> In the maillog from the server I see this:
>
> Jun 19 14:09:19 server sendmail[71128]: h5G21ij4070939: to=<AshleighA@distanteye.com>, delay=3+10:06:00, xdelay=00:00:00, mailer=esmtp, pri=15062899, relay=distanteye.com., dsn=4.0.0, stat=Deferred: Connection refused by distanteye.com.
> Jun 19 14:09:19 server sendmail[71128]: h5FLiJj3065159: to=<AshleighA@distanteye.com>, delay=3+14:25:00, xdelay=00:00:00, mailer=esmtp, pri=15962899, relay=distanteye.com., dsn=4.0.0, stat=Deferred: Connection refused by distanteye.com.
> Jun 19 14:10:57 server sendmail[71128]: h5FLgVj3065158: to=af@fvr.no,bw@fvr.no,gs@fvr.no,hr@fvr.no,rh@fvr.no, delay=3+14:28:25, xdelay=00:01:38, mailer=esmtp, pri=16261875, relay=mailgw.c2i.net., dsn=4.0.0, stat=Deferred: 450 Unable to find distanteye.com
> Jun 19 14:10:57 server sendmail[71128]: h5F0VUj4040115: to=<Hanemann.Bryanna@mobilemice.com>, delay=4+11:37:52, xdelay=00:00:00, mailer=esmtp, pri=19742831, relay=mobilemice.com., dsn=4.0.0, stat=Deferred: Connection refused by mobilemice.com.
> Jun 19 14:10:57 server sendmail[71128]: h5EKGnj3034414: to=<Hanemann.Bryanna@mobilemice.com>, delay=4+15:54:08, xdelay=00:00:00, mailer=esmtp, pri=20642831, relay=mobilemice.com., dsn=4.0.0, stat=Deferred: Connection refused by mobilemice.com.
>
> The mailq (/var/log/mqueue) contains 30 messages, both dfh* and qfh*.
>
> I've manually configured my .mc file which looks like this (I'm 
> running Procmail and Spamassassin):
>
> divert(0)
> VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.17 2002/11/14 03:21:18 keramida Exp $')
> OSTYPE(freebsd4)
> DOMAIN(generic)
>
> FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
> FEATURE(blacklist_recipients)
> FEATURE(local_lmtp)
> FEATURE(mailertable, `hash -o /etc/mail/mailertable')
> FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
>
> dnl Uncomment to allow relaying based on your MX records.
> dnl NOTE: This can allow sites to use your server as a backup MX without
> dnl       your permission.
> dnl FEATURE(relay_based_on_MX)
> dnl DNS based black hole lists
> dnl --------------------------------
> dnl DNS based black hole lists come and go on a regular basis
> dnl so this file will not serve as a database of the available servers.
> dnl For that, visit
> dnl http://directory.google.com/Top/Computers/Internet/Abuse/Spam/Blacklists/
>
> dnl Uncomment to activate Realtime Blackhole List
> dnl information available at http://www.mail-abuse.com/
> dnl NOTE: This is a subscription service as of July 31, 2001
> dnl FEATURE(dnsbl)
> dnl Alternatively, you can provide your own server and rejection message:
> dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', `"550 Mail from " $&{client_addr} " rejected, see http://mail-abuse.org/cgi-bin/lookup?" $&{client_addr}')
>
> dnl Dialup users should uncomment and define this appropriately
> dnl define(`SMART_HOST', `your.isp.mail.server')
>
> dnl Uncomment the first line to change the location of the default
> dnl /etc/mail/local-host-names and comment out the second line.
> dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
> define(`confCW_FILE', `-o /etc/mail/local-host-names')
>
> dnl Uncomment both of the following lines to listen on IPv6 as well as IPv4
> dnl DAEMON_OPTIONS(`Name=IPv4, Family=inet')
> dnl DAEMON_OPTIONS(`Name=IPv6, Family=inet6')
>
> define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
> define(`confMAX_MIME_HEADER_LENGTH', `256/128')
> define(`confNO_RCPT_ACTION', `add-to-undisclosed')
> define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
> FEATURE(local_procmail)
> MAILER(local)
> MAILER(smtp)
>
> If I try to telnet to my server from "somewhere" I get relaying denied 
> so I think I've got it right, but somehow I have a feeling someone is 
> getting through somehow. I'm running Apache, MySQL, PHP and other 
> "webserver" related apps on the same machine.
>
> Thanks for any help!
> Andreas
>
>
> ---
> Andreas Widerøe Andersen <awand@pragma.no>
> Pragma AS
>
> http://www.pragma.no
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe@freebsd.org"
>
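
Added example (not part of the original thread): in the mailq listing quoted above, the three entries shown all have MAILER-DAEMON as sender, which is how sendmail displays bounces it generated itself, so alongside checking /etc/mail/access it helps to separate queued bounces from mail accepted from other senders. The Python sketch below parses mailq output and makes that split; the fourth sample entry and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Sample: three entries from the mailq listing quoted above + one constructed (last).
SAMPLE = """\
h5IGWCj5047460     4477 Wed Jun 18 18:44 MAILER-DAEMON
                 (Deferred: Connection refused by mobilemice.com.)
                                         <RevaO@mobilemice.com>
h5HJ1xj4020111     4251 Tue Jun 17 21:03 MAILER-DAEMON
                 (Deferred: Connection refused by distanteye.com.)
                                         <FKettle@distanteye.com>
h5HFHEj3015655     3298 Tue Jun 17 17:17 MAILER-DAEMON
                 (host map: lookup (triplepipe.com): deferred)
                                         <Jestine.Lack@triplepipe.com>
h5JC00j5000001     1200 Thu Jun 19 12:00 <user@example.org>
                 (Deferred: Connection timed out with example.net.)
                                         <friend@example.net>
"""

# Entry header: queue ID (optional status flag), size, queue time, sender.
ENTRY = re.compile(r"^(\w+)[*X-]?\s+(\d+)\s+\w{3} \w{3} [ \d]\d \d\d:\d\d\s+(\S+)$")
BOUNCE_SENDERS = {"MAILER-DAEMON", "<>"}  # null envelope sender = bounce (DSN)

def parse_mailq(text):
    """Return one dict per queue entry; indented lines attach to the last entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append({"qid": m.group(1), "size": int(m.group(2)),
                            "sender": m.group(3), "status": None, "rcpts": []})
        elif entries and line[:1].isspace() and line.strip():
            item = line.strip()
            if item.startswith("("):      # parenthesised deferral reason
                entries[-1]["status"] = item[1:-1]
            else:                         # recipient address
                entries[-1]["rcpts"].append(item.strip("<>"))
    return entries

def classify(entries):
    """Count bounces vs. other mail, and tally the domains bounces are sent to."""
    kinds, domains = Counter(), Counter()
    for e in entries:
        kind = "bounce" if e["sender"] in BOUNCE_SENDERS else "other"
        kinds[kind] += 1
        if kind == "bounce":
            domains.update(r.rsplit("@", 1)[-1].lower() for r in e["rcpts"])
    return kinds, domains
print(classify(parse_mailq(SAMPLE)))
```

On a live host the same functions can be fed the text captured from the mailq command instead of SAMPLE.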



