RE: [IMail Forum] Relaying through me?

Wed, 25 Oct 2000 08:05:54 -0700

My addresses:
192.168.100.72
gochatplus.com
 
Disable SMTP Auth is NOT checked.  Relay mail for everyone is checked but that is only because everytime I try to specify an IP range my users get denied trying to send mail.
 
10:25 01:06 SMTP-(000000D6) 220 mailrecv8.bigmailbox.com ESMTP Sendmail 8.10.0/8.10.0; Tue, 24 Oct 2000 22:06:46 -0700
10TP-(000000D6) >EHLO gochatplus.com
10:25 01:06 SMTP-(000000D6) 250-mailrecv8.bigmailbox.com Hello sourcenat1.bigmailbox.com [209.132.220.250], pleased to meet you
10:25 01:06 SMTP-(000000D6) 250-ENHANCEDSTATUSCODES
10:25 01:06 SMTP-(000000D6) 250-EXPN
10:25 01:06 SMTP-(000000D6) 250-VERB
10:25 01:06 SMTP-(000000D6) 250-8BITMIME
10:25 01:06 SMTP-(000000D6) 250-SIZE
10:25 01:06 SMTP-(000000D6) 250-DSN
10:25 01:06 SMTP-(000000D6) 250-ONEX
10:25 01:06 SMTP-(000000D6) 250-ETRN
10:25 01:06 SMTP-(000D6) 250-XUSR
10:25 01:06 SMTP-(000000D6) 250 HELP
10:25 01:06 SMTP-(000000D6) >MAIL FROM:<[EMAIL PROTECTED]>
10:25 01:06 SMTP-(000000D6) 250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
10:25 01:06 SMTP-(000000D6) >RCPT To:<[EMAIL PROTECTED]>
10:25 01:06 SMTP-(000000D6) 250 2.1.5 <[EMAIL PROTECTED]>... Recipient ok
10:25 01:06 SMTP-(000000D6) >DATA
10:25 01:06 SMTP-(000000D6) 354 Enter mail, end with "." on a line by itself
10:25 01:06 SMTP-(000000D6) 50 2.0.0 e9P56l620127 Message accepted for delivery
10:25 01:07 SMTP-(000000D6) rdeliver blackvault.com [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]> 4544
10:25 01:07 SMTP-(000000D6) >QUIT
10:25 01:07 SMTP-(000000D6) 221 2.0.0 mailrecv8.bigmailbox.com closing connection
10:25 01:07 SMTP-(000000D6) Trying earthlik.net (0)
10:25 01:07 SMTPD(9D7C03E6) [192.168.100.72] connect 192.168.100.72 port 3766
QUIT
 

Michael Varre
goChatPlus.com
Project Engineer
[EMAIL PROTECTED]
315.475.0500

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tyran Ormond
Sent: Wednesday, October 25, 2000 10:37 AM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] Relaying through me?

On 10:15 AM 10/25/2000 -0400, it would appear that Mike Varre wrote:
I have never seen these domains and I have no affiliation with them.  Is this domain relaying mail through me?
 
10:25 01:06 SMTP-(000000D6) >MAIL FROM:<[EMAIL PROTECTED]>
10:25 01:06 SMTP-(000000D6) 250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
10:25 01:06 SMTP-(000000D6) >RCPT To:<[EMAIL PROTECTED]>
10:25 01:06 SMTP-(000000D6) 250 2.1.5 <[EMAIL PROTECTED]>... Recipient ok
10:25 01:06 SMTP-(000000D6) >DATA
10:25 01:06 SMTP-(000000D6) 354 Enter mail, end with "." on a line by itself
10:25 01:06 SMTP-(000000D6) 50 2.0.0 e9P56l620127 Message accepted for delivery
10:25 01:07 SMTP-(000000D6) rdeliver blackvault.com [EMAIL PROTECTED] (1) <[EMAIL PROTECTED]> 4544
10:25 01:07 SMTP-(000000D6) >QUIT


Depends.  Do you use relay for addresses and have disable SMTP Auth UNchecked?  If so, then it is extremely likely that one of your users is actually [EMAIL PROTECTED]  You can verify this by checking the IP address in the EHLO/HELO for that message.  If it's an address valid for your relay for addresses setting then there is no problem.  If it's not in your relay address range, there should be a line that reads as follows:

Authenticated username, session treated as local.

Of course, if you aren't using relay for addresses and UNchecked disable SMTP Auth, then all bets are off and you have an open relay.

Tyran Ormond
Programmer/LAN Technician
Central Valley Water
[EMAIL PROTECTED] Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/

Reply via email to