[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: problem with relaying



On Wed, Jan 17, 2001 at 08:47:28PM +0100, Tomasz Jordan Kruk wrote:
>  Hello,
> 
> Suddenly for us, it turned out that our Zmailer server has serious problem
> with passing relay tests from mail-abuse.org. Therefore our mail server
> landed on mail-abuse's relay blacklist as potential spammers tool. 

	If they still do that, they are assuming that anybody with
	non-sychronous local address analysis must be system for 
	uncontrolled relaying...

> There are seventeen tests on mail-abuse which one can check by the command:
> 
>  telnet mail-abuse.org
> 
> submitted from his mail server. 
> 
> Zmailer ver. 2.99.54, did pass all but the test number thirteen. In

    It can be rejected syncronously *IF* you run router synchronously.
    Simpler way is to add an entry to file:
		$MAILVAR/db/smtp-policy.spam.manual

	"nobody@mail-abuse.org"@

    and then invoke  $MAILBIN/policy-builder.sh

> /var/log/mail/smtpserver for the test number thirteen:
> 
> ...
> PUwv23193w      250 2.0.0 2.0.0 Reset processed, now waiting for MAIL command
> PUwv23193r      mail from: <spamtest@mailserver.our.domain.pl>
> PUwv23193w      250 2.1.0 Sender syntax Ok
> PUwv23193r      rcpt to: <"nobody@mail-abuse.org"@[195.1.2.3]>
> PUwv23193w      250 2.1.5 Recipient address syntax Ok; rcpt=<"nobody@mail-abuse.org"@[195.1.2.3]>
> PUwv23193r      QUIT
> PUwv23193w      221 2.0.0 mailserver.our.domain.pl Out
> ...
> 
> where 195.1.2.3 is our mailserver IP number.
> 
> The "rcpt to" address has been accepted - although it shouldn't be according
> to mail-abuse.  
> 
> My question is: 
> 
>  How to protect Zmailer's smtpserver against allowing addresses
>  like "*@*"@[our.IP], for example: "nobody@mail-abuse.org"@[195.1.2.3]

	See above.

	In reality the bounce will happen at the router, or at local
	delivery which realizes that there really is no such local
	user as  "nobody@mail-abuse.org"

> Regards,
> tjk
> -- 
> -- Tomasz Jordan  Kruk, PhD -----------------------------------------------
>   _/_/_/ _/_/_/  _/ _/ T.Kruk@ia.pw.edu.pl  http://www.ia.pw.edu.pl/~tkruk

-- 
/Matti Aarnio	<mea@nic.funet.fi>