[olug] qmail relay problem

Christopher Cashell topher at zyp.org
Tue Mar 11 21:40:36 UTC 2003 

At Fri, 07 Mar 03, Unidentified Flying Banana neal r, said:
> Christopher Cashell wrote:
> > What are you using to allow for connection handling and relaying?  Are
> > you using tcpserver?  Assuming so, do you have the tcpserver cdb setup
> > to only allow internal addresses to relay?  And do you have the QMail
> > rcpthosts file setup properly?
> 
>   tcpserver, set up to only talk to internal subnets

Hrm.  This is very similar to how I have things setup for one network.

Can you share your /etc/tcp.smtp (or whatever you have it named)
contents?  For example, here's mine:

nexus:/etc$ cat tcp.smtp
127.0.0.1:allow,RELAYCLIENT=""
192.168.1.:allow,RELAYCLIENT=""
192.168.2.:allow,RELAYCLIENT=""
:allow

The first line allows for local mail to be relayed.  The second for any
hosts in 192.168.1.*, the third for hosts in 192.168.2.*, and the fourth
stops relays from everyone else (by not setting the RELAYCLIENT
variable), but allows incoming mail to be delivered.

>   rcpthosts only accepts stuff for our domain - mail.wispair.net,
> wispair.net, etc

Can you share that, too?  Here's mine, for example:

nexus:/etc/qmail$ cat rcpthosts
localhost
zyp.org
.zyp.org
geeks.info
.geeks.info
incorrect.info
.incorrect.info
cashell.org

> > There are certain configurations where QMail will initially appear to be
> > accepting a message, but will later reject it.  It's hard to say with
> > 100% certainty without testing it.
> 
>   I strongly suspect that is what is happening - but I keep getting these
> open relay mail messages - I've been scheduled for testing yadda yadda yadda

If you'd like, I'd be more than happy to run a quick manual test to see
what happens.  (I helped run an open relay database for a little while a
few years ago, so I'm fairly familiar with them.)

If you don't want to post the details of your file contents and your
mail server's IP/host, feel free to respond off the list, and I'd be
happy to look into things.

-- 
| Christopher
+------------------------------------------------+
| A: No.                                         |
| Q: Should I include quotations after my reply? |
+------------------------------------------------+

More information about the OLUG mailing list