The tech was saying he saw entries in the Imail log that said mail was received from the IMGate machine's IP. Also, I'm running Declude Junkmail on the Imail server and can see in SPAM headers where it fails the SPAMCOP test for instance, and I have that test listed in my RBLs for IMGate. I can't see how that mail is getting by IMGate unless it is doing the relaying. The maillog show nothing for those emails.
Steve Cobb, A+, MCSE Computer Geeks [EMAIL PROTECTED] ********************************** Need faster Internet service? www.geeksnet.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Monday, October 13, 2003 5:26 PM To: [EMAIL PROTECTED] Subject: [IMGate] Re: Relay using IMGate >I have an older IMGate still running regexp, but I was told by IMail >tech support that it looked like someone was using our IMGate machine >as their mail gateway ... based on what evidence?? >and sending SPAM out it. Let's say my IMGate box is ip.add.111.111 and >the IMail box is ip.add.111.112. Is it possible for someone to use >ip.add.111.111 as their SMTP server. of course. That's why you have to limit the main.cf mynetworks param to the minimum number of IPs that you can trust to relay mail through IMGate. >I tried to test it >and it failed google for "open relay test" and use one of those. but if you telnet to imgate:25 from a non-mynetworks IP and try to send to a non-transport.map @recipient.domain, it should fail. >but I want to make sure that it is locked down. Thanks >for the help. what do you see in the postfix maillog that looks like unrestricted relaying? Len --- [This E-mail scanned for viruses by Computer Geeks (www.geeksnet.com)]
