I just got a nasty letter from ORBS telling me that one of my SMTP
servers was an open relay.
The host was a secondary mailserver for some of our domains and it had
no hosts in locals and a correctly configured rcpthosts. Its virtualhosts
was also empty and it was not configured to allow percent hack.
Still <user%domain@[ipnumber]>, where ipnumber was the hosts IP number,
was allowed stright through.
me was set to a local domain, where another server was was primary and that
server was configured to allow relaying for this server.
[ipnumber] was changed to the default domain and that was in the rcpthosts
file so it was ok. The message was forwarded to the primary smtp server for
that domain and that server saw that the mail came from an authorized
relayer and past it along...
/Sebastian
