On Fri, 16 Apr 1999, Chris Johnson wrote:
> > I am having trouble preventing Qmail from doing open relaying without
> > stopping mail service entirely. This is on a system that runs Listserv(R)
> > from the L-Soft Corporation. When I put the system's name (and aliases) in
> > a rcpthosts file, open relaying stops. The problem is that no one can send
then Ur host work as relay only for itself.
> > e-mail to any account on this system. Qmail says that the sending system
> > is not allowed to relay. I do not understand this. In sendmail, I can stop
> > third party relaying without totally disabaling mail functionality on the
> > system, but I can't figure out how to do this with qmail. The Qmail FAQ
> > file was unclear on this subject, which is why I am asking here.
The Qmail FAQ contains almost enougth to turn off relaying. See selective
mail relay part. For this U should install some additional programmes &
have the string like below in the file starting qmail:
/usr/local/tcpserver/bin/tcpserver -R -x/etc/tcp.smtp.cdb -c100 -u<uid> -g<gid> 0 smtp
/var/qmail/bin/qmail-smtpd &
This is
Also disable smtp in inetd.conf & make right tcp.smtp.cdb file as
described in FAQ. Make shure that no special chars are in tcp.smtp.cdb or
this won't work - I got problems once w/ this.
> What do you mean by "put the system's name (and aliases) in rcpthosts"?
> rcpthosts should be a list of domains for which you're willing to receive mail
> via SMTP. Some of these domains might be the same as your server's name and
> aliases; then again, none of them may be, and your server may have aliases for
> which you don't want to receive mail.
I think rcpthosts should contain only hostname & aliases for it. All
clients that should be allowed for sending mail should be configured via
tcp.smtp.cdb as in FAQ . Then all them will be allowed for sending mail to
anywhere . All others cannot send anything through Ur host to nonlocal
accounts. BTW: Is it possible to allow some clients send mail only to some
domains?
> Make sure that your rcpthosts file contains only domains that are listed in
> locals or virtualdomains, and domains for which you're acting as secondary
> mail
> exchanger. Then you will be safe from unauthorized (or for that matter, any)
> relaying, and you'll still be able to receive mail for any of the domains you
> host.
But if I've domain in rcpthosts this domain is able to relay via my
host.Thus I think that rcpthosts should contain only hostname & aliases
for it. Am I wrong?
Bye.Olli.
