At 03:38 PM 1/3/99 -0700, John Gonzalez/netMDC admin wrote:
>On Sun, 3 Jan 1999, Harald Hanche-Olsen wrote:
>-| | 211.123.239.:allow,RELAYCLIENT=""
>-| | 211.123.240.:allow,RELAYCLIENT=""
>-| | 127.:allow,RELAYCLIENT=""
>-| |
>-| | Is there anything else I could do ? Is he IP spoofing ?
>-|
>-| You must have a file /var/qmail/control/rcpthosts listing domains for
>-| which you will relay (the effect of setting RELAYCLIENT is to ignore
>-| this file).
>
>Does this mean you cant use rcpthosts and RELAYCLIENT with tcpserver? If
>you set anything with RELAYCLIENT environment, it totally ignores
>rcpthosts?
Correct. That's the whole point.
You only ever set RELAYCLIENT on IP addresses that are allowed to relay via
your server. Typically this will mean your local network(s).
If you don't want to give the above addresses access to relay, remove them
from the rules and let your default "deny" entry take care of it.
Regards.
