RE: IMPORTANT!!! Possible open relay bug in Zmailer!!
Thanks for the quick response.
PARAM policydb $DBTYPE $MAILVAR/db/smtp-policy
In my smtpserver.conf
And my rules are set up to not allow open relay. The issue here is that I
do allow messages to the local box.. but for some reason if there is a
percent sign in the "rcpt to", after accepting the message (as my policy
says to..) it then seems to convert the percent into an @ and relay the
I did a few searches and found this referenced as a PERCENT HACK..
Should I send my smtp-policy.src?? Or have I done something else to
screw this up..?? I am pretty certain my policies are fine.
From: Matti Aarnio [mailto:firstname.lastname@example.org]
Sent: February 20, 2003 5:37 PM
To: Luke Galea
Subject: Re: IMPORTANT!!! Possible open relay bug in Zmailer!!
On Thu, Feb 20, 2003 at 04:50:31PM -0500, Luke Galea wrote:
> I have been alerted to what I think is a bug that leaves pretty much
> zmailer config open to relay... Has anyone else encountered this?
Very early ZMailer versions didn't have these anti-relay control
facilities, as the early Internet didn't need them... Once spammers
appeared on the network, things changed radically.
At nic.funet.fi I get:
550 5.7.1 Your IP address [220.127.116.11] is not allowed to relay to
address <email@example.com> via our server; MX rule
> If I have a box called mail.test.com
> And I have a session with it like this (forgive the syntax.. outlook
> likes to play with my typing):
An exact protocol transcript would help to validate what you are
trying to report. Copy it as a text file, and supply it as an attachment;
then even MS wonders don't mutilate it.
> Mail from:firstname.lastname@example.org
> The problem is: email@example.com
> actually receives the message!!!!!
> How can we prevent this? PLEASE HELP!!!
Do you have an smtp-server policy database?
How have you configured it?
In the source package INSTALL file, section number 12 is
all about doing this.
It is possible to disable all control functions, and thus have
the system behave as an open relay. From that section:
The default $MAILSHARE/smtpserver.conf file REQUIRES use of
the policy code, but you can disable that (and thus have wide-
open doors for abuse -- but perhaps ok for intranet) stuff by
commenting out line: "PARAM policydb ..." in the file.
So yes, you can disable things, but you have been warned...
> Luke Galea
> Software Development
> BlueCat Networks
/Matti Aarnio <firstname.lastname@example.org>
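
The percent-hack behaviour described in this thread can be checked for at policy time. The following is an added example, not part of the original messages and not ZMailer code: it decides relaying on the address that remains after "%" rewriting, assuming a router that turns `user%other@local` into `user@other` for local domains. `RELAY_CLIENTS`, the sample addresses, the reply texts and both function names are constructed for illustration.

```python
# Added example (not ZMailer code): decide relay policy on the address the
# router will actually deliver to, after "%" rewriting.
LOCAL_DOMAINS = {"mail.test.com"}   # host name used in the thread
RELAY_CLIENTS = {"192.0.2.10"}      # constructed: clients allowed to relay


def final_destination(rcpt, local_domains=LOCAL_DOMAINS, max_hops=8):
    """Follow percent-hack rewriting; return (localpart, domain or None)."""
    addr = rcpt.strip().strip("<>")
    for _ in range(max_hops):
        local, sep, domain = addr.rpartition("@")
        if not sep:                       # unqualified address: local
            local, domain = addr, None
        else:
            domain = domain.lower().rstrip(".")
        is_local = domain is None or domain in local_domains
        if not is_local or "%" not in local:
            return local, domain
        # Assumed router behaviour: user%other@local becomes user@other.
        user, _, next_domain = local.rpartition("%")
        addr = f"{user}@{next_domain}"
    raise ValueError("source route too deep")


def rcpt_decision(client_ip, rcpt):
    """Return the SMTP reply a policy check would give for RCPT TO."""
    try:
        _, domain = final_destination(rcpt)
    except ValueError:
        return "550 5.7.1 source route too deep"
    if domain is None or domain in LOCAL_DOMAINS:
        return "250 2.1.5 recipient ok"
    if client_ip in RELAY_CLIENTS:
        return "250 2.1.5 recipient ok (relay client)"
    return "550 5.7.1 relaying denied"


if __name__ == "__main__":
    for rcpt in ("<user@mail.test.com>",
                 "<user%example.org@mail.test.com>",     # constructed
                 "<a%b.example%mail.test.com@MAIL.TEST.COM>"):
        print(rcpt, "->", rcpt_decision("203.0.113.5", rcpt))
```

A policy that only looks at the text after the last `@` accepts the second and third addresses as local; evaluating the rewritten destination rejects them for clients that are not allowed to relay.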