Best Way to Control Relaying?

Muhammad Nauman nauman at worldcall.net.pk
Fri Apr 20 06:06:00 IST 2007 

Is there Any Other Relay Controlling Mechanism in Sendmail, which can over ride the access file ?

And What if i want to Force Sendmail to Authenticate Every User Before sending any mail , once you start your OUTLOOK .

Like when you Exit you outlook and then login again and then try to send a new mail - it should again ask for AUTH.

Any HELP !!!


Thanks and Regards,

M.Nauman Habib
Network Engineer


  ----- Original Message ----- 
  From: Muhammad Nauman 
  To: MailScanner discussion 
  Sent: Thursday, April 19, 2007 4:11 PM
  Subject: Re: Best Way to Control Relaying?


  Nopz, it the same from 4 difference machines and i have no whitelisted machine , just configured MailScanner-4.58.9-1
  and Sendmail 8.14.1

  Thanks and Regards,

  M.Nauman Habib
  Network Engineer

    ----- Original Message ----- 
    From: Arthur Sherman 
    To: 'MailScanner discussion' 
    Sent: Thursday, April 19, 2007 3:53 PM
    Subject: RE: Best Way to Control Relaying?


    could it be that you connect from whitelisted machine?

    Best,

    --
    Arthur 





--------------------------------------------------------------------------
      From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Muhammad Nauman
      Sent: Thursday, April 19, 2007 1:42 PM
      To: MailScanner discussion
      Subject: Best Way to Control Relaying?


      Best Way to Control Relaying?

--------------------------------------------------------------------------

Hi all,

Despite having this in my access file

# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
AUTH    : OK
*       : REJECT# makemap hash /etc/mail/access.db < /etc/mail/accessand i can clearly see the my sendmail is compiled with AUTH options - As i telnet from another machine

250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 15000000
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP

Its still Not blocking the mail 

250 HELP
Mail from:no at no.com
250 2.1.0 no at no.com... Sender ok
RCPT to:no at no.com
250 2.1.5 no at no.com... Recipient ok

Any idea to why is it still acting like this - where it should not !!

My Sendmail is Compiled with these options as in devtools/Site/site##############################################################APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE')dnl SASL2APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2')APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')APPENDDEF(`confINCDIRS', `-I/usr/local/include')dnl BERKELEY DBAPPENDDEF(`confMAPDEF', `-DNEWDB')#################################################################my Sendmail.mc is :----------------------------------------------------------------divert(-1)dnldivert(0)dnlVERSIONID(`Custom Linux config by Douglas Hunley /doug at hunley.homeip.net/ ')OSTYPE(linux)dnlDOMAIN(generic)dnlundefine(`UUCP_RELAY')dnlFEATURE(nouucp, `reject')dnlFEATURE(`delay_checks')dnlundefine(`BITNET_RELAY')dnldefine(`confAUTH_OPTIONS', `A')dnldefine(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnlTRUST_AUTH_MECH(`LOGIN PLAIN')dnldefine(`confDEF_CHAR_SET', `iso-8859-1')dnldefine(`confMAX_MESSAGE_SIZE', `25000000')dnl Denial of Service Attacksdefine(`confMAX_DAEMON_CHILDREN', `100')dnl Denial of Service Attacksdefine(`confCONNECTION_RATE_THROTTLE', `9')dnl Denial of Service Attacksdefine(`confMAXRCPTSPERMESSAGE', `50')dnl Denial of service Attacksdefine(`confSINGLE_LINE_FROM_HEADER', `True')dnldefine(`confSMTP_LOGIN_MSG', `$j')dnldefine(`confDONT_PROBE_INTERFACES', `True')dnldefine(`confTO_INITIAL', `6m')dnldefine(`confTO_CONNECT', `20s')dnldefine(`confTO_HELO', `5m')dnldefine(`confTO_HOSTSTATUS', `2m')dnldefine(`confTO_DATAINIT', `6m')dnldefine(`confTO_DATABLOCK', `35m')dnldefine(`confTO_DATAFINAL', `35m')dnldefine(`confDIAL_DELAY', `20s')dnldefine(`confNO_RCPT_ACTION', `add-apparently-to')dnldefine(`confALIAS_WAIT', `0')dnldefine(`confMAX_HOP', `35')dnldefine(`confQUEUE_LA', `5')dnldefine(`confREFUSE_LA', `12')dnldefine(`confSEPARATE_PROC', `False')dnldefine(`confCON_EXPENSIVE', `true')dnldefine(`confWORK_RECIPIENT_FACTOR', `1000')dnldefine(`confWORK_TIME_FACTOR', `3000')dnldefine(`confQUEUE_SORT_ORDER', `Time')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,restrictmailq,restrictqrun,needmailhelo')dnlFEATURE(`generics_entire_domain')dnlFEATURE(`local_procmail')dnlFEATURE(`masquerade_envelope')dnlFEATURE(`nouucp',`reject')dnlFEATURE(`redirect')dnlFEATURE(`relay_entire_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`virtuser_entire_domain')dnlFEATURE(access_db, `hash -T<TMPF> /etc/mail/access')dnlFEATURE(lookupdotdomain)dnlFEATURE(`blacklist_recipients')dnlFEATURE(`no_default_msa')dnldefine(`confDONT_PROBE_INTERFACES', true)dnldefine(`confBAD_RCPT_THROTTLE',`2')dnldefine(`confTO_IDENT',`0')dnldefine(`confSMTP_LOGIN_MSG',`')dnldefine(`confMIN_FREE_BLOCKS', 4000)dnldefine(`confMAX_DAEMON_CHILDREN', 100)dnldefine(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnldefine(`STATUS_FILE', `/etc/mail/statistics')dnlFEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnldefine(`confPRIVACY_FLAGS', `authwarnings,goaway,noreceipts,noexpn,novrfy,noetrn,needmailhelo,restrictmailq,restrictqrun,restrictexpand,nobodyreturn')dnldefine(`HELP_FILE', `/dev/null')dnlFEATURE(smrsh, `/usr/sbin/smrsh')dnlFEATURE(ratecontrol)dnlFEATURE(conncontrol)dnldnl FEATURE(`greet_pause',`3000')dnlFEATURE(`mailertable')dnlFEATURE(`always_add_domain')dnlFEATURE(`use_cw_file')dnlFEATURE(`local_procmail')dnlMAILER(local)dnlMAILER(procmail)dnlMAILER(smtp)dnl___________________________________________________________________________________________________________________I m Really Worried Beacause Even When i Empty my Access file and then Makemap hasth Access.db file it still allows mail as :>telnet 192.168.1.9 25 220  ESMTPehlo qmail250-worldcall.net.pk Hello noc.worldcall.net.pk [203.81.1] you250-ENHANCEDSTATUSCODES250-PIPELINING250-8BITMIME250-SIZE 25000000250-AUTH LOGIN PLAIN250-DELIVERBY250 HELPmail from:anyone at what.com250 2.1.0 anyone at what.com... Sender okrcpt to:all at all.com250 2.1.5 all at all.com... Recipient okdata354 Enter mail, end with "." on a line by itself.354 Enter mail, end with "." on a line by itself250 2.0.0 l3JFQaWT004671 Message accepted for deliveryPlease HELP !!Thanking in Advance.Nauman.

----------------------------------------------------------------------------


    -- 
    MailScanner mailing list
    mailscanner at lists.mailscanner.info
    http://lists.mailscanner.info/mailman/listinfo/mailscanner

    Before posting, read http://wiki.mailscanner.info/posting

    Support MailScanner development - buy the book off the website! 



------------------------------------------------------------------------------


  -- 
  MailScanner mailing list
  mailscanner at lists.mailscanner.info
  http://lists.mailscanner.info/mailman/listinfo/mailscanner

  Before posting, read http://wiki.mailscanner.info/posting

  Support MailScanner development - buy the book off the website! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070420/33eda0ec/attachment.html

More information about the MailScanner mailing list