Best Way to Control Relaying?
Scott Silva
ssilva at sgvwater.com
Mon Jul 3 20:09:33 IST 2006
Muhammad Nauman spake the following on 7/1/2006 12:53 PM:
>
>> Muhammad Nauman wrote:
>>>
>>>>> Hi all,
>>>>>
>>>>> Despite having this in my access fil
>>>>>
>>>>> # The /usr/share/doc/sendmail/README.cf is part of the
>>>>> sendmail-doc # package.
>>>>> #
>>>>> # by default we allow relaying from localhost...
>>>>> localhost.localdomain RELAY
>>>>> localhost RELAY
>>>>> AUTH : OK
>>>>> * : REJECT
>>>>>
>>>
>>> No i telnet it on port 25 from another machine .
>>>
>>> where i could find any error abt it ?
>>>
>>>
>>>
>> Did you recompile the access file? Usually "make -C /etc/mail" or
>> "makemap hash < /etc/mail/access > /etc/mail/access.db" and then
>> restart the sendmail process (or MailScanner) should do it.
>>
>> I never have to use "AUTH: OK" and "*: REJECT" ... it's set up that
>> way implicitly.
>
> how are you controlling your RELAYING feature then ?
>
> yes i did all that --
> makemap hash /etc/mail/access.db < /etc/mail/access
>
> and have restart mailscanner ( or only just sendmail ) but the output is
> same
>
> where as - if i do check the option in my mail client to AUTH SMPT -
> then it verifies and works fine
>
> the PROBLEM is - why is it not blocking those who are not AUTHORIZING !!!
>
> its like an OPEN RELAY - with out it
>
You stated above that you restarted sendmail, but sendmail should not be
started by itself. It should be stopped from starting in any init scripts, and
MailScanner will start it.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner
mailing list