[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Help with open relay needed
> Hi everybody,
>
> we thought for a long time that our system (uni-paderborn.de) is fixed
> against third party relay, e.g. see the test at
> http://maps.vix.com/tsi/ar-test.html .
> Now we got surprised that we can not pass the test that ORBS.org
> is doing and that we are now to be found on some blacklist :-(
Hmm.. I am not quite sure if this exactly was a thing I fixed
somewhen along 2.99.50 snapshots. Something like this was
possible with 2.99.49p9 (which you have), but apparently not
with 2.99.50-s10 which nic.funet.fi runs.
/Matti Aarnio <mea@nic.funet.fi>
> The test does the following:
> ...
> 29716r HELO relaytest.orbs.org
> 29716 -- policy result=0, msg: <NONE!>
> 29716w 250 uni-paderborn.de expected "HELO wwwhost.manawatu.net.nz"
> 29716r MAIL FROM: <>
> 29716 -- policy result=0, msg: <NONE!>
> 29716w 250 2.1.0 Sender syntax Ok
> 29716r RCPT TO: <orbs-relaytest@manawatu.co.nz>
> 29716 -- policy result=0, msg: <NONE!>
> 29716w 250 2.1.5 Recipient address syntax Ok
> 29716r DATA
> 29716w 354 Start mail input; end with <CRLF>.<CRLF>
> ...
>
> and I dont know by now why we would block the mail if the mail from: was
> something like<abc@def.com> and why we don't block it if it comes from: <>
> :-(
>
>
> Maybe somebody has an idea when he/she has a look at our config and is
> faster than us rereading the manual.
>
> --
> smtpserver.conf includes the following lines:
> localhost 99 ve
> *.uni-paderborn.de 99 ve
> \[131.234.*.*\] 99 ve
> \[*\] 99 veR
> * 999 veR
> --
>
> --
> db/smtp-policy.src includes these lines:
> . relaycustomer - senderokwithdns + message "We do
> not relay for you!" acceptifmx - test-dns-rbl +
>
> [0.0.0.0]/0 relaycustomer - senderokwithdns + acceptifmx -
> test-dns-rbl +
>
> _our_network = _full_rights
> _full_rights rejectnet - relaycustnet + relaycustomer + relaytarget +
> _localnames rejectnet - relaycustnet - localdomain + relaytarget +
> .uni-paderborn.de = _our_network
> [131.234.0.0]/16 = _our_network
> --
>
> We are still running zmailer-2.99.49p9, but I hope that we can enable the
> required blocking mechanism quickly without preparing an update.
>
> Thank you very much for helping us getting away from the blacklist.
>
> Kind Regards,
> Juergen
>
> -----------------------------------------------------------------------------
> Dipl.-Ing. Juergen Maniera
>
> Universitaet-GH Paderborn Tel.: (+49) (0)5251 60-3326
> FB 17, AG Softwaretechnik / IRB Fax: (+49) (0)5251 60-3714
> D-33095 Paderborn email: sammy@uni-paderborn.de
> Raum: E3.125 http://www.uni-paderborn.de/cs/sammy.html
> -----------------------------------------------------------------------------
>