Hello, I was just scanning my server and found that I can send emails if the from address is <>. In other words I can use my mail server as a relay.
I have /etc/tcp.smtp set as
192.168.:allow,RELAYCLIENT=""
127.:allow,RELAYCLIENT=""
:allow
So I know that is supposed to help stop the relaying but how do I stop it from allowing to send with the <> ? Any links or info is greatly appreciated. Thanks.
I just tested this out and it works, if the RCPT TO: address is of a domain I control or that is listed in my rcpthosts file. Someone could successfully spam your users using this loop hole, but the should not be able to use you as a relay to spam others.
I see what your saying but do you know of a way to stop it. I get like 100 MAILER-DAEMON notices to invalid email addresses bouncing all over the place. I am not sure how to stop it.
It looks like some random *.msn or *.hotmail will try to mail an email address on my domain but the address is invalid so it sends a bounce to the sender address and then it bounces back again saying the sender is an invalid address. Drives me nuts.
Here is some of the message.
Hi. This is the qmail-send program at lemiwinks.d****.net.
I tried to deliver a bounce message to this address, but the bounce bounced!
<hwmfndc@msn.com>:
64.4.50.239 does not like recipient.
Remote host said: 550 Requested action not taken: mailbox unavailable
Giving up on 64.4.50.239.
--- Below this line is the original bounce.
Return-Path: <>
Received: (qmail 8040 invoked for bounce); 4 Jun 2004 13:49:42 -0000
Date: 4 Jun 2004 13:49:42 -0000
From: MAILER-DAEMON@lemiwinks.da*****.net
To: hwmfndc@msn.com
Subject: failure notice
Hi. This is the qmail-send program at lemiwinks.da*****.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<hudson@mydomain.com>:
216.148.222.35 failed after I sent the message.
Remote host said: 554 Error: too many hops
Instead of bouncing it back, just drop them.
I used to bounce the spammers but ( mostly ), they will spam you one time and their address is gone forever. So it's just more work for you.
What I currently do is have one address specially created and send all the mails for invalid address to that one. I occationally check them to make sure no legit mails are being directed. Then delete all of them at once.
No easy way to fight spamming currently.
Might be the same stuff I'm experiencing then. I'm getting tons of bogus emails bounced back I think and I can't do anything about it. Every day I wake up with at least a thousand mailer-daemon failure notices in my inbox. It's VERY frustrating.
arlight, i'm totally at a loss. if anyone is an expert at qmail, or maybe any daemon, i need to get on contact with you. i've had smtp re-enabled for about an hour, and i've got 1000 bounced messages already! i don't know what to do. i'm pretty sure i've got my server configured correctly, but somehow they're still able to relay! if anyone wants to chat w/ me over AIM, MSN, ICQ, etc…my info is located in my profile. Email me with a subject line of "need server help?" if you can't get a hold of me over any of those mediums. any help would be GREATLY appreciated.
I'm glad to hear that someone else is having this issue. There has to be a way to fix this. I have googled for hours and keep coming up with " Qmail by default doens't act as a relay so you don't need to take any measures" I understand that they person can only mail the domains I host with the <> sender field but damn this is eating so much bandwidth. Please help. Thanks again.
I think I've fixed my problem. Mind posting your 'rc' or 'run' (if you use the supervise daemon) script for SMTP? I think I have a fix...
This is /var/qmail/supervise/qmail-smtpd/run
#!/bin/sh
QMAILDUID=`/usr/xpg4/bin/id -u qmaild`
NOFILESGID=`/usr/xpg4/bin/id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ];
then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
fi
exec /usr/local/bin/softlimit -m 6000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
This is my /var/qmail/rc:
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"
Posting Permissions
Reply With Quote
Bookmarks