I am quite a new Qmail user, and so I'm looking for some help here.
We have a QMAIL server that our previous sysadmin left in open relay
mode. I am trying to close the security holes, but I don't understand Qmail
worth a damb (having used sendmail and being groomed on sendmail my entire
unix life).
I have a tcprules file the directory it appears my predecessor left the
setup files in, and acording to the runline in PS (I still cannot find where
he is actually launching tcpserver for smtp but it is running) the file
should be /var/service/qmail-smtpd/tcprules.cdb
This file does exist, and it is readable, containing the following rule:
127.0.0.1:allow,RELAYCLIENT=""
209.254.33.:allow,RELAYCLIENT=""
yet if I jump onto a machine that is not in these rules, and I telnet into
port 25, I can setup a mail from outside the realm to outside the realm.
I do not understand Qmail at all so I need some major help here.
Thanks!
