On Thu, Jan 25, 2001 at 10:39:26AM -0700, Dan Egli wrote:
> This file does exist, and it is readable, containing the following rule:
> 127.0.0.1:allow,RELAYCLIENT=""
> 209.254.33.:allow,RELAYCLIENT=""
> yet if I jump onto a machine that is not in these rules, and I telnet into
> port 25, I can setup a mail from outside the realm to outside the realm.
>
> I do not understand Qmail at all so I need some major help here.
Do you have a file called
/var/qmail/control/rcpthosts
if that file does not exist your mailserver is relay open.
$ man qmail-smtpd (located in /var/qmail/man)
------------------------------------------------------------------------
[ ... ]
rcpthosts
Allowed RCPT domains. If rcpthosts is supplied,
qmail-smtpd will reject any envelope recipient
address with a domain not listed in rcpthosts.
Exception: If the environment variable RELAYCLIENT is
set, qmail-smtpd will ignore rcpthosts, and will
append the value of RELAYCLIENT to each incoming
recipient address.
rcpthosts may include wildcards:
heaven.af.mil
.heaven.af.mil
Envelope recipient addresses without @ signs are
always allowed through.
[ ... ]
------------------------------------------------------------------------
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
Stress is when you wake up screaming and you realize you haven't fallen
asleep yet.
