On 9/25/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2007/09/25 17:35, Rob wrote: > > Since this is happening during the conversation with our inbound mail > > server, I don't see how filtering connections between our inbound and > > outbound mail servers would fix it. > > From what you say, it sounds like your outbound mail server sends > mail to some host which carries out an on-the-fly relay test, is that > right?
Ah, gotcha. That's basically correct. Our user sends email to the outbound mail server, which connects to the recipient's mail server. The problem is, if the recipient's mail server is performing an on-the-fly check, then its connection back to our outbound mail server would automatically be redirected to our inbound mail server, which gets intercepted by spamd, which appears to be the open relay. You're right, then. If I explicitly block inbound connections to the outbound mail server (instead of redirecting them), that might fix the problem ... depending on just what kind of check the recipient's mail server is doing. > If so, surely they only test the host *sending* the mail to them? I don't know yet exactly what they do. I'm crawling my way up their support ladder to try to figure it out. They could be doing some kind of open relay greylisting, or who-knows-what. I'm a little concerned about just blocking those connections per your suggestion, though. It might end up just changing the affected recipients; if someone's dumb enough not to correctly check for an open relay, someone else is certainly dumb enough to reject mail if they can't connect back to the inbound IP. - R.