On Thu, Jan 25, 2001 at 10:39:26AM -0700, Dan Egli wrote:
> We have a QMAIL server that our previous sysadmin left in open relay
> mode. I am trying to close the security holes, but I don't understand Qmail
> worth a damb (having used sendmail and being groomed on sendmail my entire
> unix life).
>
> I have a tcprules file the directory it appears my predecessor left the
> setup files in, and acording to the runline in PS (I still cannot find where
> he is actually launching tcpserver for smtp but it is running) the file
> should be /var/service/qmail-smtpd/tcprules.cdb
>
> This file does exist, and it is readable, containing the following rule:
>
> 127.0.0.1:allow,RELAYCLIENT=""
> 209.254.33.:allow,RELAYCLIENT=""
>
> yet if I jump onto a machine that is not in these rules, and I telnet into
> port 25, I can setup a mail from outside the realm to outside the realm.
Does /var/qmail/control/rcpthosts exist? If not, you should create it, and you
should put in it a list of domains for which you're willing to receive mail,
one per line.
See http://web.infoave.net/~dsill/lwq.html for lots of good qmail information.
Chris
