securing relay...
JD Doelitzsch
jd at BARITEC.COM
Wed Oct 5 21:22:07 IST 2005
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Thanks again guys, I checked the relay using those site and it seems to be
secure. I think what might be happening is my MS box takes any email then
forwards it to my winbox which will accept or deny depending on if there is
such a user. If no user my MS box tries to return to sender and so it looks
like spam is going out. Is this a possible scenario? would this generate
enough returned email that is spam to blacklist me? I am considering using
milter-ahead as a possible fix. What do you think?
-JD
-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
Behalf Of Dhawal Doshy
Sent: Tuesday, October 04, 2005 1:17 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: securing relay...
> Hey guys,
>
> Im not sure if this has to do with MailScanner or not, because its just
> totally beyond me, maybe you can shed some light or point me in the
> right
> direction. The setup is MailScanner pushes to exchange via
> Mailertable/sendmail. Access only has mydomain.com in it. When I telnet
> to
> the MS box relay-denied(good) when trying to send other than
> mydomain.net as
> far as i can tell, But when monitoring packets I see spam originating or
> relaying from my MS server to the net. It's getting me blacklisted. What
> kind of command lets people relay? thats the one thing i can't verify
> when
> looking through the packets. I would like the MSbox only to relay to my
> exchange server and nowhere else. The only thing i can think or is to
> put a
> firewall on the MS box to only allow outgoing to my exchange box. What
> would
> be the forseeable results of that? is there a better way?
>
> -JD
Check the results of 'telnet relay-test.mail-abuse.org' from a shell on
your mail server..
Fix the problem for whatever is allowed to relay. Also read this once
again if you haven't already, theres always something that you could
have missed out on :)
http://wiki.mailscanner.info/doku.php?id=best_practices
- dhawal
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list