[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

reject-percent-kludge parameter of smtpserver

I just had an interesting little adventure which started when I
checked the address of my mail server against http://openrbl.org and
found, to my surprise, that NJABL listed it as an open relay.  Further
investigation showed that they were using the percent sign trick to
get their relay test through.  I thought the fix is simple and I
should just add the

PARAM reject-percent-kludge

line to my smtpserver.conf file, reload Z-Mailer and the relay is
closed.  To my further surprise, I found that this did not work and I
still had an open relay.

Details of the system are that it is Z-Mailer extracted from CVS about
6 months ago.  It advertises itself as 2.99.56-pre3.  The OS is
NetBSD.  Originally, I ran NetBSD version 1.5.3 but then upgraded it
to 1.6beta5 and finally to 1.6.  I updated Z-Mailer to today's CVS and
that also did not solve the problem of SMTP server ignoring the
'reject-percent-kludge' directive.  I finally solved my open relay
issue by simply re-running the policy-builder.sh script.  Perhaps one
of the OS upgrades broke things.

Looking at the source code, it seems that 'reject-percent-kludge' is
deprecated and instead SMTP server tries to evaluate the relay attempt
according to SMTP policy files.  But shouldn't the
'reject-percent-kludge' pre-empt the SMTP policy files if the percent
sign is being used?


Roy Bixler <rcb@ucp.uchicago.edu>
The University of Chicago Press
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi