Hey,
Sendmail is NOT the problem. Its presence is creating conditions where the
problem manifests, but it's not to blame. It's simply accepting a message
from a host it trusts. The problem is qmail relaying this message from an
untrusted host. Even if I did turn off UUCP rewriting for sendmail, the
underlying problem remains: qmail is acting as an open relay for messages
with no @domain specified. Yes, it takes more than this alone to actually
use it as an open relay, but that's beside the point. We don't live in an
SMTP-only, qmail-only universe. (yet :)
The problem can be redefined as, "qmail appends envnoathost to ANY rcpt
address without a domain". This works too:
$ telnet mx0.lynxus.com 25
Trying 12.6.137.100...
Connected to mx0.lynxus.com.
Escape character is '^]'.
220 mx0.lynxus.com ESMTP
helo
250 mx0.lynxus.com
mail from:[EMAIL PROTECTED]
250 ok
rcpt to:<bishop%lynxus.net>
250 ok
data
354 go ahead
test
.
250 ok 956024397 qp 28670
quit
221 mx0.lynxus.com
Connection closed by foreign host.
$
This gets delivered despite the fact I have not enabled percenthack, because
it's actually relayed to [EMAIL PROTECTED], and the server for
lynxus.com does percenthack processing.
BTW, since I wrote my original message, my assistant pointed out a spot on
the ORBS web site where it describes this exact problem as a bug. So now I
have to rephrase my question: Is there an effective work-around for this,
that will prevent qmail from automatically rewriting rcpt addresses without
a domain?
Thanks,
Mark
> -----Original Message-----
> From: Russ Allbery [mailto:[EMAIL PROTECTED]]
> Sent: Mon, April 17, 2000 10:07 PM
> To: 'qmail list'
> Subject: Re: Qmail failing ORBS test :-(
>
>
> Sounds like your problem is with your sendmail box. Why
> don't you turn
> off !-addressing on your sendmail system? That would seem to
> neatly solve
> the problem.
>
> --
> Russ Allbery ([EMAIL PROTECTED])
<http://www.eyrie.org/~eagle/>
