Gary Steiner wrote:
> (1) Why am I not using it? Because I am a cautious person, and I
> haven't had to reboot our mail server in over a year. ...
OK, but there are known holes in the Antirelay program. That means you're
effectively running an open relay. (Not an easy one to use, but certainly it
is one.)
> (2) When I originally installed antirelay, localnets was set to yes.
> At least until my mail server was declared an open relay by
> www.ordb.org, then I had to set localnets to no.
I think ordb was detecting one of the holes in Antirelay. I don't know why
turning localnets off would help anything, as I would expect that simply to
prevent anyone from using the server to send mail.
> (3) With localnets off, any email sent by cgi to a local account on
> the server gets there no problem. Two examples are SOUPERMAIL (a
> form handling cgi) and ASP.NET applications, both of which are
> sending email under these conditions.
Yes, of course, because local mail is not a relay! It's being delivered to
the final destination, so there is no problem, and it won't be blocked by
Antirelay.
However, outbound mail looks just like a relay. It will get blocked unless
it comes from a localnet (that is, an address authorized to send mail).
Since you have no such addresses, you can't use a cgi (or anything else, I
would think) to send non-local mail.
My advice would be to use SMTPRCV (which has the code to block the ORDB
problem, unlike Antirelay), and then set up localnets to addresses that you
want to allow to send mail from. But I don't know enough about your
configuration to say if there would be any problems.
Randy Brukardt
This is the discussion list for the IMS Free email server software.
To unsubscribe send mailto:[EMAIL PROTECTED]
Delivered by Rockliffe MailSite
http://www.rockliffe.com/mailsite
Rock Solid Software (tm)
