
RE: IMPORTANT!!! Possible open relay bug in Zmailer!!

Thanks for the quick response.

I have:

PARAM policydb $DBTYPE $MAILVAR/db/smtp-policy 

In my smtpserver.conf

And my rules are set up to not allow open relay. The issue here is that I
do allow messages to the local box.. but for some reason if there is a
percent sign in the "rcpt to", after accepting the message (as my policy
says to..) it then seems to convert the percent into an @ and relay the

I did a few searches and found this referenced as a PERCENT HACK..

Should I send my smtp-policy.src?? Or have I done something else to
screw this up..?? I am pretty certain my policies are fine.


Luke Galea 
Software Development
BlueCat Networks

-----Original Message-----
From: Matti Aarnio [mailto:mea@nic.funet.fi] 
Sent: February 20, 2003 5:37 PM
To: Luke Galea
Cc: zmailer@nic.funet.fi
Subject: Re: IMPORTANT!!! Possible open relay bug in Zmailer!!

On Thu, Feb 20, 2003 at 04:50:31PM -0500, Luke Galea wrote:
> I have been alerted to what I think is a bug that leaves pretty much
> zmailer config open to relay... Has anyone else encountered this?

Very early ZMailer versions didn't have these anti-relay control
facilities, as the early Internet didn't need them...  Once spammers
appeared on the network, things changed radically.

At nic.funet.fi I get:

RCPT TO:<postmaster%zmailer.org@nic.funet.fi>
550 5.7.1 Your IP address [] is not allowed to relay to
  address <postmaster%zmailer.org@nic.funet.fi> via our server; MX rule

> If I have a box called mail.test.com
> And I have a session with it like this (forgive the syntax.. outlook
> likes to play with my typing):

An exact protocol transcript would help to validate what you are
trying to report.  Copy it as a text file, and supply it as an attachment,
then even MS wonders don't mutilate it.

> Helo
> Mail from:whoever@wherever.com
> Rcpt
> Data
> Yadaydyadyadya
> .
> The problem is: some_guy_who_should_never_get_this_message@aol.com
> actually receives the message!!!!!
> How can we prevent this? PLEASE HELP!!!

Do you have an smtp-server policy database?
How have you configured it?

In the source package INSTALL file, section number 12 is
all about doing this.

It is possible to disable all control functions, and thus have
the system behave as an open relay.  From that section:

        The default  $MAILSHARE/smtpserver.conf  file REQUIRES use of
        the policy code, but you can disable that (and thus have wide-
        open doors for abuse -- but perhaps ok for intranet) stuff by
        commenting out line:  "PARAM policydb ..." in the file.

So yes, you can disable things, but you have been warned...

> Luke Galea 
> Software Development
> BlueCat Networks

/Matti Aarnio	<mea@nic.funet.fi>
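
An added example, not part of the original messages and not ZMailer code: a relay check that judges a RCPT TO address by the destination a percent-hack rewrite would produce, rather than by the literal domain after the @. The local domain list, relay client address, reply texts and function names are assumptions made for illustration.

```python
# Constructed sample policy data (assumptions, not taken from any real config).
LOCAL_DOMAINS = {"mail.test.com"}   # domains this host accepts mail for
RELAY_CLIENTS = {"192.0.2.10"}      # client IPs that are allowed to relay


def effective_destination(rcpt, local_domains=LOCAL_DOMAINS):
    """Return the domain a message to `rcpt` would finally be routed to.

    While the domain after the last '@' is one of ours and the local part
    contains '%', apply the same rewrite a router would (user%remote@local
    becomes user@remote) and look again. Returns None when there is no '@'.
    """
    addr = rcpt.strip().strip("<>")
    while True:
        local, sep, domain = addr.rpartition("@")
        if not sep:
            return None
        domain = domain.lower().rstrip(".")
        if domain in local_domains and "%" in local:
            user, _, next_hop = local.rpartition("%")
            addr = f"{user}@{next_hop}"   # one '%' consumed, so the loop ends
            continue
        return domain


def check_rcpt(client_ip, rcpt):
    """Decide on the effective destination, not the literal domain."""
    dest = effective_destination(rcpt)
    if not dest:
        return 501, "5.1.3 Bad recipient address syntax"
    if dest in LOCAL_DOMAINS or client_ip in RELAY_CLIENTS:
        return 250, "2.1.5 Ok"
    return 550, f"5.7.1 Relaying to <{dest}> denied"


if __name__ == "__main__":
    # Constructed RCPT TO arguments from a client that may not relay.
    for rcpt in ("<postmaster@mail.test.com>",
                 "<someone%example.net@mail.test.com>",
                 "<a%example.net%mail.test.com@mail.test.com>"):
        print(rcpt, "->", *check_rcpt("203.0.113.5", rcpt))
```

A policy check that only compares the text after the last @ with the local domain list would accept the second and third addresses, which is the behaviour reported in this thread.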