LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] open mail relay.....

[ILUG] open mail relay.....

Rob Hill robhill at indigo.ie
Tue Nov 9 10:44:29 GMT 1999 

Hi all - 
I was dismayed yesterday to find that we were running an open mail
relay, despite the fact that it had been checked previously and found
not to relay (as the stock RH6.0 install is supposed to install a non-relaying
sendmail - which it does).
Linuxconf (ptahh!!) is, I suspect the perpetrator(sp?) of this henious sendmail.cf
fcuk up - just out of curiosity, I checked up on 2 other recently-setup servers,
one which had had a few things installed/changed and one which hadn't (it also
hadn't run linuxconf). Another open relay, and one closed one (the one that hadn't
run linuxconf).
Now, it's not definately linuxconf that is the problem, but I like to blame it
when things go wrong.
Anyway, telnet to your mailserver, port 25, type 'ehlo somedomain.com'<sendmail replies>, type 'mail from:luser at luserdomain.com'<sendmail replies>, type 
'rcpt to:luser at somewhere.else.com' - if you get a message like 'we do not relay'
everything is ok (unless you then run linuxconf ;o). If you get a message like
'recepient ok....' then you're in trouble  - go to ....damn i can't find the link.
Here's what I did.....

add these lines to your sendmail.cf, (just over 'Special Macros' and just under
'CPREDIRECT' in mine) and create (touch) the appropriate files in
/etc/mail....


# file containing IP numbers of machines which can use our relay
F{LocalIP} /etc/mail/ip_allow

# file containing names of machines which can use our relay
F{LocalNames} /etc/mail/name_allow

# file containing names we relay to
F{RelayTo} /etc/mail/relay_allow



now.....right down the bottom of your sendmail.cf.....obey the thing about
the blanks......

Scheck_rcpt
# make sure you have TABs here, not BLANKs! sendmail will complain otherwise...
# first: get client addr
R$+                     $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*                $@ ok                   no client addr: directly invoked
R$={LocalIP}$* $| $*    $@ ok                   from here
# not local, check rcpt
R$* $| $*               $: $>3 $2
# remove local part, maybe repeatedly
R$+                     $:$>remove_local $1
# still something left?
R$*<@$*>$*              $#error $@ 5.7.1 $: 550 we do not relay

Sremove_local
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$*  $>3 $1 $4
R$*<@$=w.>$*            $: $>remove_local $>3 $1 $3
R$*<@$*>$*              $@ $1<@$2>$3
# dequote local part
R$-                     $: $>3 $(dequote $1 $)
R$*<@$*>$*              $: $>remove_local $1<@$2>$3


here's what a session with a non-relaying server should look like
(excuse the expletives).....


pain: [~] > telnet some.mailserver.ie 25
Trying 194.125.xxx.xxx...
Connected to some.mailserver.ie.
Escape character is '^]'.
220 some.mailserver.ie ESMTP Sendmail 8.9.3/8.8.7; Tue, 9 Nov 1999 10:19:55 GMT
ehlo linux.ie
250-some.mailserver.ie Hello pain.med.umn.edu [160.94.105.39], pleased to meet you
250-EXPN
250-VERB
250-8BITMIME
250-SIZE 2000000
250-DSN
250-ONEX
250-ETRN
250-XUSR
250 HELP
mail from:shit at shitter.com
250 shit at shitter.com... Sender ok
rcpt to:robhill at indigo.ie
550 robhill at indigo.ie... we do not relay
quit
221 some.mailserver.ie closing connection
Connection closed by foreign host.
pain: [~] > logout




disclaimer - don't do any of the above ;o) unless you know what you're doing.
This (for me anyway) is a quick fix - this is my last day here before I'm
off to Oz, and was a bit pissed to find this was going on.
Anyway, Ideally, I'd get rid of linuxconf, but it does some pretty neat things
with virtual mail domains....and you're generally ok if you stay away from the
sendmail stuff, and have your sendmail.cf backed up.....
If anyone has anything to add to this, or indeed, say how terrible it is, i'd be
glad to hear it.....

Rob.

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell