Best Way to Control Relaying?

Arthur Sherman arturs at netvision.net.il
Thu Apr 19 11:53:04 IST 2007


could it be that you connect from whitelisted machine?
 

Best,

--
Arthur 

 


  _____  

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Muhammad
Nauman
Sent: Thursday, April 19, 2007 1:42 PM
To: MailScanner discussion
Subject: Best Way to Control Relaying?



Best Way to Control Relaying?

  _____  

Hi all,



Despite having this in my access file



# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc

# package.

#

# by default we allow relaying from localhost...

localhost.localdomain           RELAY

localhost                       RELAY

AUTH    : OK

*       : REJECT
# makemap hash /etc/mail/access.db < /etc/mail/access
and i can clearly see the my sendmail is compiled with AUTH options - As i
telnet from another machine



250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE 15000000

250-AUTH LOGIN PLAIN

250-DELIVERBY

250 HELP



Its still Not blocking the mail 



250 HELP

Mail from:no at no.com
<http://lists.mailscanner.info/mailman/listinfo/mailscanner> 

250 2.1.0 no at no.com...
<http://lists.mailscanner.info/mailman/listinfo/mailscanner>  Sender ok

RCPT to:no at no.com
<http://lists.mailscanner.info/mailman/listinfo/mailscanner> 

250 2.1.5 no at no.com...
<http://lists.mailscanner.info/mailman/listinfo/mailscanner>  Recipient ok



Any idea to why is it still acting like this - where it should not !!



My Sendmail is Compiled with these options as in devtools/Site/site
##############################################################
APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE')
dnl SASL2
APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')
APPENDDEF(`confINCDIRS', `-I/usr/local/include')
dnl BERKELEY DB
APPENDDEF(`confMAPDEF', `-DNEWDB')
#################################################################
my Sendmail.mc is :
----------------------------------------------------------------
divert(-1)dnl
divert(0)dnl
VERSIONID(`Custom Linux config by Douglas Hunley /doug at hunley.homeip.net/
')
OSTYPE(linux)dnl
DOMAIN(generic)dnl
undefine(`UUCP_RELAY')dnl
FEATURE(nouucp, `reject')dnl
FEATURE(`delay_checks')dnl
undefine(`BITNET_RELAY')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confDEF_CHAR_SET', `iso-8859-1')dnl
define(`confMAX_MESSAGE_SIZE', `25000000')dnl Denial of Service Attacks
define(`confMAX_DAEMON_CHILDREN', `100')dnl Denial of Service Attacks
define(`confCONNECTION_RATE_THROTTLE', `9')dnl Denial of Service Attacks
define(`confMAXRCPTSPERMESSAGE', `50')dnl Denial of service Attacks
define(`confSINGLE_LINE_FROM_HEADER', `True')dnl
define(`confSMTP_LOGIN_MSG', `$j')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`confTO_INITIAL', `6m')dnl
define(`confTO_CONNECT', `20s')dnl
define(`confTO_HELO', `5m')dnl
define(`confTO_HOSTSTATUS', `2m')dnl
define(`confTO_DATAINIT', `6m')dnl
define(`confTO_DATABLOCK', `35m')dnl
define(`confTO_DATAFINAL', `35m')dnl
define(`confDIAL_DELAY', `20s')dnl
define(`confNO_RCPT_ACTION', `add-apparently-to')dnl
define(`confALIAS_WAIT', `0')dnl
define(`confMAX_HOP', `35')dnl
define(`confQUEUE_LA', `5')dnl
define(`confREFUSE_LA', `12')dnl
define(`confSEPARATE_PROC', `False')dnl
define(`confCON_EXPENSIVE', `true')dnl
define(`confWORK_RECIPIENT_FACTOR', `1000')dnl
define(`confWORK_TIME_FACTOR', `3000')dnl
define(`confQUEUE_SORT_ORDER', `Time')dnl
define(`confPRIVACY_FLAGS',
`authwarnings,goaway,restrictmailq,restrictqrun,needmailhelo')dnl
FEATURE(`generics_entire_domain')dnl
FEATURE(`local_procmail')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`nouucp',`reject')dnl
FEATURE(`redirect')dnl
FEATURE(`relay_entire_domain')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`virtuser_entire_domain')dnl
FEATURE(access_db, `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(lookupdotdomain)dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`no_default_msa')dnl
define(`confDONT_PROBE_INTERFACES', true)dnl
define(`confBAD_RCPT_THROTTLE',`2')dnl
define(`confTO_IDENT',`0')dnl
define(`confSMTP_LOGIN_MSG',`')dnl
define(`confMIN_FREE_BLOCKS', 4000)dnl
define(`confMAX_DAEMON_CHILDREN', 100)dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`STATUS_FILE', `/etc/mail/statistics')dnl
FEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnl
define(`confPRIVACY_FLAGS',
`authwarnings,goaway,noreceipts,noexpn,novrfy,noetrn,needmailhelo,restrictma
ilq,restrictqrun,restrictexpand,nobodyreturn')dnl
define(`HELP_FILE', `/dev/null')dnl
FEATURE(smrsh, `/usr/sbin/smrsh')dnl
FEATURE(ratecontrol)dnl
FEATURE(conncontrol)dnl
dnl FEATURE(`greet_pause',`3000')dnl
FEATURE(`mailertable')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`local_procmail')dnl
MAILER(local)dnl
MAILER(procmail)dnl
MAILER(smtp)dnl
____________________________________________________________________________
_______________________________________
I m Really Worried Beacause Even When i Empty my Access file and then
Makemap hasth Access.db file it still allows mail as :
>telnet 192.168.1.9 25
 
220  ESMTP
ehlo qmail
250-worldcall.net.pk Hello noc.worldcall.net.pk [203.81.1] you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 25000000
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
mail from:anyone at what.com
250 2.1.0 anyone at what.com... Sender ok
rcpt to:all at all.com
250 2.1.5 all at all.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
.

354 Enter mail, end with "." on a line by itself
250 2.0.0 l3JFQaWT004671 Message accepted for delivery
Please HELP !!
Thanking in Advance.
Nauman.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070419/f062cf5e/attachment.html


More information about the MailScanner mailing list