> -----Original Message-----
> From: Erwin Hoffmann [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, March 03, 2000 12:25 PM
> To: [EMAIL PROTECTED]
> Cc: Russell Nelson
> Subject: Re: SPAMCONTROL patch
>
> Hi Russell,
>
> I wrote in the README.spamcontrol:
>
> >"Since QMAIL by contruction is an OPEN RELAY, some vulnerability may be
> >experienced not in particular to the QMAIL system itself (which can
> >stand a heavy load), but for other MTAs which are flooded by
> >SPAM E-Mail. "
> >
> >You're kidding, right?
> ==> Am I?
> qmail is by construction an open relay??
>
URL to the RFC 2505: ftp://ftp.opus1.com/rfc/rfc2505.txt
> ==> See RFC 2505.
>
And ? I just looked at it. qmail (when configured correctly) does
1 through 5 (the musts and must nots).
It does 6a and 6b (providing the person sending the
<[EMAIL PROTECTED]> address has permission to relay).
qmail does 7a, 7b, It does 8 when you use tcpserver...
> And the reason not to be an open relay is because you'll be blocked
> because of the spam that (eventually) comes through your site.
> ==> Sorry, dont get the point.
> Spam is itself not a serious load on anybody's MTA -- not even sendmail.
> ==> Looking in the Log-files tells me something different.
>
Are you talking Open Relay or SPAM ? They are related but not the
same. By default, qmail is NOT an open relay. If you misconfigure it (by
deleting the /var/qmail/control/rcpthosts file, for example) then all bets
are off.
> Pls. have a look into my improved README. I tried to be as specific as
> possible. If I am mistaken, pls. correct me.
>
> We have a lot of discussion about that subject in the QMAIL mailinglist
> without bringing it to the point.
>
> SPAM and the abuse of SMTP MTAs is a severe problem, because the QMAIL FAQ
> is not specific enough at that item. From SYSADMINs who use QMAIL (I am
> responsible for an environment with 5000 local users) I know, that making
> QMAIL SPAM-proof is not that easy.
>
> I dont know, whether employing TCPSERVER and calling ORBs or others is the
> perfect solution. I am always suspicious about other people's "thats the
> right way to do".
>
There is no "right" solution, only a solution that's "right" for the
person who is implementing it.
> For the next version of QMAIL it would be a preferred solution to include
> the canonical SPAM filters nativeley into QMAIL-SMTPD. The information can
> be grepped via the TCPSERVER environment at run-time.
>
I somehow doubt that it is going to happen. Anti-SPAM is NOT a part of mail
transport, there for I really doubt that DAB would even consider adding it
to Qmail 2.x
Matt Soffen
Web Intranet Developer
http://www.iso-ne.com/
==============================================
Boss - "My boss says we need some eunuch programmers."
Dilbert - "I think he means UNIX and I already know UNIX."
Boss - "Well, if the company nurse comes by, tell her I said
never mind."
- Dilbert -
==============================================
