Best Way to Control Relaying?

Muhammad Nauman nauman at worldcall.net.pk
Thu Apr 19 11:41:47 IST 2007


Best Way to Control Relaying?

--------------------------------------------------------------------------------

Hi all,

Despite having this in my access file

# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
AUTH    : OK
*       : REJECT# makemap hash /etc/mail/access.db < /etc/mail/accessand i can clearly see the my sendmail is compiled with AUTH options - As i telnet from another machine

250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 15000000
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP

Its still Not blocking the mail 

250 HELP
Mail from:no at no.com
250 2.1.0 no at no.com... Sender ok
RCPT to:no at no.com
250 2.1.5 no at no.com... Recipient ok

Any idea to why is it still acting like this - where it should not !!

My Sendmail is Compiled with these options as in devtools/Site/site##############################################################APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE')dnl SASL2APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2')APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')APPENDDEF(`confINCDIRS', `-I/usr/local/include')dnl BERKELEY DBAPPENDDEF(`confMAPDEF', `-DNEWDB')#################################################################my Sendmail.mc is :----------------------------------------------------------------divert(-1)dnldivert(0)dnlVERSIONID(`Custom Linux config by Douglas Hunley /doug at hunley.homeip.net/ ')OSTYPE(linux)dnlDOMAIN(generic)dnlundefine(`UUCP_RELAY')dnlFEATURE(nouucp, `reject')dnlFEATURE(`delay_checks')dnlundefine(`BITNET_RELAY')dnldefine(`confAUTH_OPTIONS', `A')dnldefine(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnlTRUST_AUTH_MECH(`LOGIN PLAIN')dnldefine(`confDEF_CHAR_SET', `iso-8859-1')dnldefine(`confMAX_MESSAGE_SIZE', `25000000')dnl Denial of Service Attacksdefine(`confMAX_DAEMON_CHILDREN', `100')dnl Denial of Service Attacksdefine(`confCONNECTION_RATE_THROTTLE', `9')dnl Denial of Service Attacksdefine(`confMAXRCPTSPERMESSAGE', `50')dnl Denial of service Attacksdefine(`confSINGLE_LINE_FROM_HEADER', `True')dnldefine(`confSMTP_LOGIN_MSG', `$j')dnldefine(`confDONT_PROBE_INTERFACES', `True')dnldefine(`confTO_INITIAL', `6m')dnldefine(`confTO_CONNECT', `20s')dnldefine(`confTO_HELO', `5m')dnldefine(`confTO_HOSTSTATUS', `2m')dnldefine(`confTO_DATAINIT', `6m')dnldefine(`confTO_DATABLOCK', `35m')dnldefine(`confTO_DATAFINAL', `35m')dnldefine(`confDIAL_DELAY', `20s')dnldefine(`confNO_RCPT_ACTION', `add-apparently-to')dnldefine(`confALIAS_WAIT', `0')dnldefine(`confMAX_HOP', `35')dnldefine(`confQUEUE_LA', `5')dnldefine(`confREFUSE_LA', `12')dnldefine(`confSEPARATE_PROC', `False')dnldefine(`confCON_EXPENSIVE', `true')dnldefine(`confWORK_RECIPIENT_FACTOR', `1000')dnldefine(`confWORK_TIME_FACTOR', `3000')dnldefine(`confQUEUE_SORT_ORDER', `Time')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,restrictmailq,restrictqrun,needmailhelo')dnlFEATURE(`generics_entire_domain')dnlFEATURE(`local_procmail')dnlFEATURE(`masquerade_envelope')dnlFEATURE(`nouucp',`reject')dnlFEATURE(`redirect')dnlFEATURE(`relay_entire_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`virtuser_entire_domain')dnlFEATURE(access_db, `hash -T<TMPF> /etc/mail/access')dnlFEATURE(lookupdotdomain)dnlFEATURE(`blacklist_recipients')dnlFEATURE(`no_default_msa')dnldefine(`confDONT_PROBE_INTERFACES', true)dnldefine(`confBAD_RCPT_THROTTLE',`2')dnldefine(`confTO_IDENT',`0')dnldefine(`confSMTP_LOGIN_MSG',`')dnldefine(`confMIN_FREE_BLOCKS', 4000)dnldefine(`confMAX_DAEMON_CHILDREN', 100)dnldefine(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnldefine(`STATUS_FILE', `/etc/mail/statistics')dnlFEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,noreceipts,noexpn,novrfy,noetrn,needmailhelo,restrictmailq,restrictqrun,restrictexpand,nobodyreturn')dnldefine(`HELP_FILE', `/dev/null')dnlFEATURE(smrsh, `/usr/sbin/smrsh')dnlFEATURE(ratecontrol)dnlFEATURE(conncontrol)dnldnl FEATURE(`greet_pause',`3000')dnlFEATURE(`mailertable')dnlFEATURE(`always_add_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`local_procmail')dnlMAILER(local)dnlMAILER(procmail)dnlMAILER(smtp)dnl___________________________________________________________________________________________________________________I m Really Worried Beacause Even When i Empty my Access file and then Makemap hasth Access.db file it still allows mail as :>telnet 192.168.1.9 25 220  ESMTPehlo qmail250-worldcall.net.pk Hello noc.worldcall.net.pk [203.81.1] you250-ENHANCEDSTATUSCODES250-PIPELINING250-8BITMIME250-SIZE 25000000250-AUTH LOGIN PLAIN250-DELIVERBY250 HELPmail from:anyone at what.com250 2.1.0 anyone at what.com... Sender okrcpt to:all at all.com250 2.1.5 all at all.com... Recipient okdata354 Enter mail, end with "." on a line by itself.354 Enter mail, end with "." on a line by itself250 2.0.0 l3JFQaWT004671 Message accepted for deliveryPlease HELP !!Thanking in Advance.Nauman.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070419/b4725fad/attachment.html


More information about the MailScanner mailing list