Best Way to Control Relaying?

Muhammad Nauman nauman at worldcall.net.pk
Thu Apr 19 12:11:05 IST 2007 

Nopz, it the same from 4 difference machines and i have no whitelisted machine , just configured MailScanner-4.58.9-1
 and Sendmail 8.14.1

Thanks and Regards,

M.Nauman Habib
Network Engineer

  ----- Original Message ----- 
  From: Arthur Sherman 
  To: 'MailScanner discussion' 
  Sent: Thursday, April 19, 2007 3:53 PM
  Subject: RE: Best Way to Control Relaying?


  could it be that you connect from whitelisted machine?

  Best,

  --
  Arthur 





----------------------------------------------------------------------------
    From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Muhammad Nauman
    Sent: Thursday, April 19, 2007 1:42 PM
    To: MailScanner discussion
    Subject: Best Way to Control Relaying?


    Best Way to Control Relaying?

----------------------------------------------------------------------------

Hi all,

Despite having this in my access file

# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
AUTH    : OK
*       : REJECT# makemap hash /etc/mail/access.db < /etc/mail/accessand i can clearly see the my sendmail is compiled with AUTH options - As i telnet from another machine

250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 15000000
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP

Its still Not blocking the mail 

250 HELP
Mail from:no at no.com
250 2.1.0 no at no.com... Sender ok
RCPT to:no at no.com
250 2.1.5 no at no.com... Recipient ok

Any idea to why is it still acting like this - where it should not !!

My Sendmail is Compiled with these options as in devtools/Site/site##############################################################APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE')dnl SASL2APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2')APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')APPENDDEF(`confINCDIRS', `-I/usr/local/include')dnl BERKELEY DBAPPENDDEF(`confMAPDEF', `-DNEWDB')#################################################################my Sendmail.mc is :----------------------------------------------------------------divert(-1)dnldivert(0)dnlVERSIONID(`Custom Linux config by Douglas Hunley /doug at hunley.homeip.net/ ')OSTYPE(linux)dnlDOMAIN(generic)dnlundefine(`UUCP_RELAY')dnlFEATURE(nouucp, `reject')dnlFEATURE(`delay_checks')dnlundefine(`BITNET_RELAY')dnldefine(`confAUTH_OPTIONS', `A')dnldefine(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnlTRUST_AUTH_MECH(`LOGIN PLAIN')dnldefine(`confDEF_CHAR_SET', `iso-8859-1')dnldefine(`confMAX_MESSAGE_SIZE', `25000000')dnl Denial of Service Attacksdefine(`confMAX_DAEMON_CHILDREN', `100')dnl Denial of Service Attacksdefine(`confCONNECTION_RATE_THROTTLE', `9')dnl Denial of Service Attacksdefine(`confMAXRCPTSPERMESSAGE', `50')dnl Denial of service Attacksdefine(`confSINGLE_LINE_FROM_HEADER', `True')dnldefine(`confSMTP_LOGIN_MSG', `$j')dnldefine(`confDONT_PROBE_INTERFACES', `True')dnldefine(`confTO_INITIAL', `6m')dnldefine(`confTO_CONNECT', `20s')dnldefine(`confTO_HELO', `5m')dnldefine(`confTO_HOSTSTATUS', `2m')dnldefine(`confTO_DATAINIT', `6m')dnldefine(`confTO_DATABLOCK', `35m')dnldefine(`confTO_DATAFINAL', `35m')dnldefine(`confDIAL_DELAY', `20s')dnldefine(`confNO_RCPT_ACTION', `add-apparently-to')dnldefine(`confALIAS_WAIT', `0')dnldefine(`confMAX_HOP', `35')dnldefine(`confQUEUE_LA', `5')dnldefine(`confREFUSE_LA', `12')dnldefine(`confSEPARATE_PROC', `False')dnldefine(`confCON_EXPENSIVE', `true')dnldefine(`confWORK_RECIPIENT_FACTOR', `1000')dnldefine(`confWORK_TIME_FACTOR', `3000')dnldefine(`confQUEUE_SORT_ORDER', `Time')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,restrictmailq,restrictqrun,needmailhelo')dnlFEATURE(`generics_entire_domain')dnlFEATURE(`local_procmail')dnlFEATURE(`masquerade_envelope')dnlFEATURE(`nouucp',`reject')dnlFEATURE(`redirect')dnlFEATURE(`relay_entire_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`virtuser_entire_domain')dnlFEATURE(access_db, `hash -T<TMPF> /etc/mail/access')dnlFEATURE(lookupdotdomain)dnlFEATURE(`blacklist_recipients')dnlFEATURE(`no_default_msa')dnldefine(`confDONT_PROBE_INTERFACES', true)dnldefine(`confBAD_RCPT_THROTTLE',`2')dnldefine(`confTO_IDENT',`0')dnldefine(`confSMTP_LOGIN_MSG',`')dnldefine(`confMIN_FREE_BLOCKS', 4000)dnldefine(`confMAX_DAEMON_CHILDREN', 100)dnldefine(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnldefine(`STATUS_FILE', `/etc/mail/statistics')dnlFEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,noreceipts,noexpn,novrfy,noetrn,needmailhelo,restrictmailq,restrictqrun,restrictexpand,nobodyreturn')dnldefine(`HELP_FILE', `/dev/null')dnlFEATURE(smrsh, `/usr/sbin/smrsh')dnlFEATURE(ratecontrol)dnlFEATURE(conncontrol)dnldnl FEATURE(`greet_pause',`3000')dnlFEATURE(`mailertable')dnlFEATURE(`always_add_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`local_procmail')dnlMAILER(local)dnlMAILER(procmail)dnlMAILER(smtp)dnl___________________________________________________________________________________________________________________I m Really Worried Beacause Even When i Empty my Access file and then Makemap hasth Access.db file it still allows mail as :>telnet 192.168.1.9 25 220  ESMTPehlo qmail250-worldcall.net.pk Hello noc.worldcall.net.pk [203.81.1] you250-ENHANCEDSTATUSCODES250-PIPELINING250-8BITMIME250-SIZE 25000000250-AUTH LOGIN PLAIN250-DELIVERBY250 HELPmail from:anyone at what.com250 2.1.0 anyone at what.com... Sender okrcpt to:all at all.com250 2.1.5 all at all.com... Recipient okdata354 Enter mail, end with "." on a line by itself.354 Enter mail, end with "." on a line by itself250 2.0.0 l3JFQaWT004671 Message accepted for deliveryPlease HELP !!Thanking in Advance.Nauman.

------------------------------------------------------------------------------


  -- 
  MailScanner mailing list
  mailscanner at lists.mailscanner.info
  http://lists.mailscanner.info/mailman/listinfo/mailscanner

  Before posting, read http://wiki.mailscanner.info/posting

  Support MailScanner development - buy the book off the website! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070419/2d1bf4af/attachment.html

More information about the MailScanner mailing list