Hi
I am having a hard time stopping james from relaying mails (see config
file below). Here is my list of unsolved issues - I would really
appreciate any constructive feedback:
1. I am using the SenderInFakeDomain matcher but it seems to have
no effect. If I telnet to JAMES I can easily make JAMES send an e-mail
using arbitrary sender addresses as in "mail from:[EMAIL PROTECTED]".
JAMES just gives me an "OK" response.
2. I have tried many different parameters for
RemoteAddrNotInNetwork in the so-called anti-relay mailet. Currently I
am trying to send everything to the SPAM folder unless it comes from
127.0.0.1 (JAMES itself) or one of my local IPs, e.g. 10.0.0.23. This
has no effect what so ever - I tested it with on-line relay-testers, and
even had a friend from another network telnet to my server, and he was
able to send an e-mail aswell.
3. I tried setting authRequired to true, but this seems not to be
compatible with MS Outlook which fails to authenticate (I have tried
many different sensible settings). This is the solution which I would
like the most, since I hope it would could enable me to check my JAMES
account outside the office aswell.
The fact that my JAMES installation is an open relay has caused me no
problems (yet), but I really would like to put an effort into stopping
the spammers who are actively abusing my installation. Urgent help will
be highly appreciated. My config file is included below.
Thanks
Randahl
<?xml version="1.0"?>
<config>
<!-- The James block -->
<James>
<!-- CHECKME! Set this to the right email address for error reports -->
<postmaster>[EMAIL PROTECTED]</postmaster>
<!-- CONFIRM? -->
<!-- servernames identifies the DNS namespace served by this
instance
of James.
If autodetect is TRUE, James wil attempt to discover its own name
AND use
any specified servernames. If autodetect is FALSE, James will use
only
the specified servernames. By default, the servername 'localhost'
is
specified. This can be removed, if required. -->
<servernames autodetect="FALSE">
<servername>rockit.dk</servername>
<!--
<servername>To override autodetected server names
uncomment this. </servername>
<servername>localhost</servername>-->
</servernames>
<!-- Set whether user names are case sensitive or insensitive -->
<!-- Set whether to enable local aliases -->
<usernames ignoreCase="TRUE" enableAliases="TRUE"
enableForwarding="TRUE"/>
<!-- The inbox repository is the location for users inboxes -->
<!-- Default setting: file based repository - enter path ( :///
for absolute) -->
<inboxRepository>
<repository destinationURL="file://var/mail/inboxes/"
type="MAIL">
</repository>
</inboxRepository>
<!-- Alternative inbox repository definition for DB use. -->
<!-- The format for the destinationURL is
"db://<data-source>/<table>"
- <data-source> is the datasource name set up in the
database-connections block, below
- <table> is the name of the table to store user inboxes in
The user name is used as <repositoryName> for this repository
config.
<inboxRepository>
<repository destinationURL="db://maildb/inbox/"
type="MAIL">
</repository>
</inboxRepository>
-->
</James>
<!-- The James Spool Manager block -->
<spoolmanager>
<!-- number of spool threads -->
<threads> 10 </threads>
<!-- Set the packages from which to load mailets and matches -->
<mailetpackages>
<mailetpackage>org.apache.james.transport.mailets</mailetpackage>
</mailetpackages>
<matcherpackages>
<matcherpackage>org.apache.james.transport.matchers</matcherpackage>
</matcherpackages>
<!-- Processor CONFIGURATION SAMPLE:
root is the first processor all mails enter -->
<processor name="root">
<!-- Checks that the MAIL FROM command was for a valid domain.
Important for spam prevention. -->
<!-- -->
<mailet match="SenderInFakeDomain" class="ToProcessor">
<processor> spam </processor>
</mailet>
<!-- Important check to avoid race conditions -->
<mailet match="RelayLimit=30" class="Null">
</mailet>
<!-- Check for delivery from a known spam server -->
<mailet match="InSpammerBlacklist=blackholes.mail-abuse.org"
class="ToProcessor">
<processor> spam </processor>
<notice> Rejected - see http://www.mail-abuse.org/rbl/
</notice>
</mailet>
<mailet match="InSpammerBlacklist=dialups.mail-abuse.org"
class="ToProcessor">
<processor> spam </processor>
<notice> Dialup - see http://www.mail-abuse.org/dul/
</notice>
</mailet>
<mailet match="InSpammerBlacklist=relays.mail-abuse.org"
class="ToProcessor">
<processor> spam </processor>
<notice> Open spam relay - see
http://www.mail-abuse.org/rss/ </notice>
</mailet>
<!-- Sample matching to kill a message (send to Null) -->
<mailet match="RecipientIs=badboy@badhost" class="Null">
</mailet>
<!-- Sends remaining mails to the transport processor for
either
local or remote delivery -->
<mailet match="All" class="ToProcessor">
<processor> transport </processor>
</mailet>
</processor>
<!-- Processor CONFIGURATION SAMPLE: error is the processor
mails with
failure conditions enter -->
<processor name="error">
<!-- Logs any messages to the repository specified -->
<mailet match="All" class="ToRepository">
<repositoryPath> file://var/mail/error/</repositoryPath>
<!-- <repositoryPath> db://conf/mail-error.properties
</repositoryPath> -->
<passThrough> true </passThrough>
</mailet>
<!-- If you want to notify the sender their message was marked
as
spam, uncomment this -->
<mailet match="All" class="NotifySender">
</mailet>
<!-- -->
<!-- If you want to notify the postmaster that a message was
marked
as spam, uncomment this -->
<mailet match="All" class="NotifyPostmaster">
</mailet>
<!-- -->
</processor>
<!-- Processor CONFIGURATION SAMPLE: transport is a sample
custom
processor for local or remote delivery -->
<processor name="transport">
<!-- Is the recipient is for a local account, deliver it
locally -->
<mailet match="RecipientIsLocal" class="LocalDelivery">
</mailet>
<!-- If the host is handled by this server and it did not get
locally delivered, this is an invalid recipient -->
<mailet match="HostIsLocal" class="ToProcessor">
<processor>error</processor>
</mailet>
<!-- CHECKME!
Anti-relay mailet: Add your network address here,
e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*"
-->
<!-- This matcher-mailet pair can prevent relaying... if you
change
this, you risk making your mail server an open relay point
for
spammers .
NOTE 1: the order of matcher-mailets is important: it must
come after
valid local recipients have been dealt with but before any
attempt is
made to delivery the mail remotely.
NOTE 2: Add your own network, if you want to relay mail
outwards
NOTE 3: If you use SMTP AUTH, you may want to comment this
so users who are on the road can still use the server -->
<mailet match="RemoteAddrNotInNetwork=127.0.0.1, 10.0.0.*"
class="ToProcessor">
<processor>spam</processor>
</mailet>
<!-- Attempt remote delivery using the specified repository
for the
spool,
using delay time to retry delivery and the maximum number of
retries -->
<mailet match="All" class="RemoteDelivery">
<outgoing> file://var/mail/outgoing/ </outgoing>
<!-- <outgoing> db://conf/mail-outgoing.properties
</outgoing> -->
<delayTime> 21600000 </delayTime>
<maxRetries> 5 </maxRetries>
</mailet>
</processor>
<!-- Processor CONFIGURATION SAMPLE: spam is where messages
detected
as relaying or other problems will get sent. You can either log
these,
bounce these, or just ignore them. -->
<processor name="spam">
<!-- If you wanted, you could just destroy messages, uncomment
this
matcher/mailet
<mailet match="All" class="Null">
</mailet>
-->
<!-- If you want to notify the sender their message was marked
as
spam, uncomment this -->
<mailet match="All" class="NotifySender">
</mailet>
<!-- -->
<!-- If you want to notify the postmaster that a message was
marked
as spam, uncomment this-->
<mailet match="All" class="NotifyPostmaster">
</mailet>
<!-- -->
<!-- Out of the box, this will log the message to a repository
-->
<mailet match="All" class="ToRepository">
<repositoryPath>file://var/mail/spam/</repositoryPath>
</mailet>
</processor>
</spoolmanager>
<smtpserver>
<port>25</port>
<!--<bind></bind> uncomment this if you want to bind to a
specific
inetaddress -->
<!--<useTLS>TRUE</useTLS>uncomment this if you want to use TLS
(SSL)
on this port -->
<handler>
<!-- helloName is the single host name this instance of James
will
use to identify itself for example, in SMTP and POP3
greetings. If
autodetect is TRUE, James will attempt to discover its own
name OR
use 'localhost'. If autodetect is FALSE, James will use the
value
given OR 'localhost' -->
<helloName autodetect="FALSE">ROCK IT Mail Server</helloName>
<connectiontimeout>360000</connectiontimeout>
<authRequired>false</authRequired><!-- uncomment this if you
want
SMTP AUTH support. This is useful if you have users who need
to use
the email server on the road, while not having your server act
as an
open relay! -->
<verifyIdentity>true</verifyIdentity><!-- uncomment this if you
want
to verify that the MAIL FROM: address is the same user that
authenticated. This prevents a user of your mail server from
acting
as somebody else -->
<!-- This sets the maximum allowed message size for the
smtphandler
in KBytes. The value defaults to 0, which means no limit. -->
<maxmessagesize>0</maxmessagesize>
</handler>
</smtpserver>
</config>
