On Wed, May 16, 2001 at 10:03:50AM -0400, John Kuhn wrote:
> I've managed compile and setup Qmail along with courier thanks to the
> fabulous docs and howto's on it.. but I'm running into a fairly serious
> problem here..
I suspect that you haven't really read them too well...
>
> the problem
> it's seems no matter what I put in /etc/tcp.smtp anyone can relay mail off
> my server it will not deny anyone I've taken everything out besides the
> localhost address and recompiled with tcprules
>
> 127.0.0.1:allow,RELAYCLIENT=""
> :allow
>
> compile it.. restart qmail.. and it's still an open relay.. people from any
> network can bounce email off me.. the only way I can stop it is to add my
> domain to /var/qmail/rcpthosts which will then bounce any email not sent to
> my domain.
Can you tell us why, precisely, populating rcpthosts is a problem? That
is the way it is supposed to be configured. From 'man qmail-smtpd':
rcpthosts
Allowed RCPT domains. If rcpthosts is supplied,
qmail-smtpd will reject any envelope
recipient address with a domain not listed in rcpthosts.
Exception: If the environment variable RELAYCLIENT is set,
qmail-smtpd will ignore rcpthosts, and will append the value
of RELAYCLIENT to each incoming recipient address.
You _must_ populate rcpthosts.
P.S. If the documents you have read do not state that populating
rcpthosts is a requirement, please point them out to me, or the list, so
that I/we can tell the whole world to stay away from them.
--
Greg White
Those who make peaceful revolution impossible will make violent
revolution inevitable.
-- John F. Kennedy
