Unfortunately I do not have the tcpserver logfiles. The tcp.smtp error is
my bad typing again. As for not giving you the rest, I'm a lazy typer as
well, I only gave you the last lines. sorry.
I was thinking( I know a dangerous concept :-) ) would putting the
following in the tcp.smtp.cbd file be as effective:
127.0.0.1:allow
199.175.103.1:allow <--- the IP of the mail host --->
That would make sure that only local messages would be delivered, right?
Thanks again for the help.
At 12:58 PM 7/18/00 -0700, Aaron L. Meehan wrote:
>Quoting Robert Spraggs ([EMAIL PROTECTED]):
> > I am using the out-of-the-box configuration of qmail 1.0.3.
>
> > Jul 11 13:43:10 noif qmail: 963348190.748946 info msg 2654625: bytes 1426
> > from <> qp 17024 uid 7774
> > Jul 11 13:43:10 noif qmail: 963348190.760341 starting delivery 9163: msg
> > 2654625 to remote [EMAIL PROTECTED]
>
> > I would have thought that this message should have failed since it is not
> > in my rcpthosts, or listed in my tcp.smtp.cbd file, and therefore not
> > considered local.
> >
> > Here is my tcp.smtp:
> > 192.168.2.:allow,RELAYCLIENT""
> > :allow
>
>Hmm, well the output of tcpserver's logfile would help more with
>determining whether this connection comes from an IP address that is
>allowed relaying. Second, that rule 192.168.2.:allow,RELAYCLIENT"" is
>not formatted properly. It should be RELAYCLIENT="" -- although I
>must say the formatting error would not cause unauthorized relay.
>
>It would seem you're obfuscating your IP addresses, or else really
>using reserved IP space?
>
>If the IP address isn't in your rules file and setting RELAYCLIENT,
>with stock qmail and a working tcpserver with rules, I can only think
>of one thing: the message is accepted by another mail server in the
>192.168.2.0/24 network with your qmail server as its smarthost.
>
>There's no other way to relay through stock qmail if you have a
>rcpthosts file present. RELAYCLIENT *has* to be set, period. So,
>what was the IP address of the connection that initiated that mail
>transfer? Don't obfuscate, show us the real stuff, and the tcpserver
>logs.
>
>Aaron
