[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MORE 3rd party relay troubles
> Hi Matti,
>
> Zmailer 2.99.50-s5
>
> Today I received a notice from ORBS today that our MTA was allowing
> relaying. Gad! - and to be put into the MAPS db - yikes!
>
> Could auto-anti-spam robots eventually close everything down???
No, that was a bug in IP address literal processing.
It has been fixed in current code.
> nobody@[129.128.7.238]
> or postmaster@[129.128.7.238]
>
> or even root@[129.128.7.238]
....
> My only defense until I build a newer ZMailer was to add may own MTA's
> dotted quad in smptserver.conf to disallow it:
>
> \[129.128.7.238\] 999 !NO EMAIL TRANSACTIONS ALLOWED ON DOTTED QUAD
>
>
> Geeze... that stopped it cold - but it's a poor way - I can't be
> aware of the zillions of potential spammers that could try this trick...
>
> There seems indeed to be a weak point when the sender fakes
> the EHO response to be that of the receiving MTA , and then the policy
> rules fall apart.
Nope, it was the IP-literal processing bug.
> I'm sure hoping that the latest-greatest ZMailer can handle these.
Yes. You need the lattest smtpserver, no need to install
*every* new binary in one go. (But do remember to match
your smtpserver.conf with new PARAMs..)
> Cheers,
> --
> James S. MacKinnon Office: P-139 Avadh-Bhatia Physics Lab
> Team Physics Voice : (780) 492-8226 [old AC 403]
> University of Alberta email : Jim.MacKinnon@Phys.UAlberta.CA
> Edmonton, Canada T6G 2N5 WWW : http://www.phys.ualberta.ca/
/Matti Aarnio