Here is a snipette from showctl:
---
qmail home directory: /var/qmail.
user-ext delimiter: -.
paternalism (in decimal): 2.
silent concurrency limit: 120.
subdirectory split: 23.
user ids: 200, 201, 202, 0, 203, 204, 205, 206.
group ids: 200, 201.
badmailfrom:
[EMAIL PROTECTED] not accepted in MAIL FROM.
... etc ...
bouncefrom: (Default.) Bounce user name is MAILER-DAEMON.
bouncehost: (Default.) Bounce host name is leviathan-tu1.mtco.com.
concurrencylocal: Local concurrency is 120.
concurrencyremote: (Default.) Remote concurrency is 20.
databytes: (Default.) SMTP DATA limit is 0 bytes.
defaultdomain: Default domain name is mtco.com.
defaulthost: Default host name is mtco.com.
doublebouncehost: (Default.) 2B recipient host: leviathan-tu1.mtco.com.
doublebounceto: (Default.) 2B recipient user: postmaster.
envnoathost: (Default.) Presumed domain name is leviathan-tu1.mtco.com.
helohost: (Default.) SMTP client HELO host name is leviathan-tu1.mtco.com.
idhost: (Default.) Message-ID host name is leviathan-tu1.mtco.com.
localiphost: (Default.) Local IP address becomes leviathan-tu1.mtco.com.
locals:
Messages for localhost are delivered locally.
Messages for leviathan-tu2.mtco.com are delivered locally.
... etc ...
me: My name is leviathan-tu1.mtco.com.
percenthack: (Default.) The percent hack is not allowed.
plusdomain: Plus domain name is mtco.com.
qmqpservers: (Default.) No QMQP servers.
queuelifetime: (Default.) Message lifetime in the queue is 604800 seconds.
rcpthosts:
SMTP clients may send messages to recipients at lesreelbenefit.org.
... etc ...
morercpthosts: (Default.) No effect.
morercpthosts.cdb: (Default.) No effect.
smtpgreeting: SMTP greeting: 220 MTCO.
smtproutes: (Default.) No artificial SMTP routes.
timeoutconnect: (Default.) SMTP client connection timeout is 60 seconds.
timeoutremote: (Default.) SMTP client data timeout is 1200 seconds.
timeoutsmtpd: (Default.) SMTP server data timeout is 1200 seconds.
virtualdomains:
Virtual domain: nash-hasty.com:alias-aliases
... etc ...
---
So that looks good...
Here is the web link to a open relay check:
http://www.prodigysolutions.com/relay_test.html
it returns open relay based on the messages being accepted I guess.
Here is the output from another:
>>> RSET
<<< 250 flushed
>>> MAIL FROM:<[EMAIL PROTECTED]>
<<< 250 ok
>>> RCPT TO:<[EMAIL PROTECTED]>
<<< 250 ok
>>> DATA
<<< 354 go ahead
>>> (message body)
<<< 250 ok 984601860 qp 25826
This one isn't as clear, because it's sending to a local address which
is ok. The first test outputs in html so it's pretty ugly to cut and
paste.
Really I'm just looking to ease my mind and confirm with 100% certainty
that I'm not an open relay in any way.
On Wed, 14 Mar 2001, Charles Cazabon wrote:
> mick <[EMAIL PROTECTED]> wrote:
>
> > > > The :allow at the end makes the server an open relay! Not acceptable.
> > >
> > > No it doesn't. The allow means "allow the connection". RELAYCLIENT=""
> > > means "allow relaying to the world".
> >
> > Ok, then how can I test wether I have an open relay or not? All of the
> > tests from the web show us as an open relay because the connection and
> > message are accepted.
>
> If all of the following are true:
> -you do not enable the percenthack
> -you have a file /var/qmail/control/rcpthosts
> -your .cdb file for the tcpserver instance running qmail-smtpd does
> not have :allow,RELAYCLIENT="" in it, or some number of IP-specific
> lines which amount to the same thing
>
> you are not an open relay. qmail will accept mail from any host which is
> address to _any_ local-part in any of the domains in rcpthosts. If that
> domain is in locals or virtuals, qmail will deliver it appropriately on the
> local box, and otherwise, will forward it to the domain in question (by
> looking up MX records or using smtproutes).
>
> Show us these "tests from the web" with all their output, and the output
> of `qmail-showctl`.
>
> Charles
> --
> -----------------------------------------------------------------------
> Charles Cazabon <[EMAIL PROTECTED]>
> GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
> Any opinions expressed are just that -- my opinions.
> -----------------------------------------------------------------------
>
>
*****************************************
Mick Dobra
Systems Administrator
MTCO Communications
1-800-859-6826
*****************************************
