Congrats on finding this out on your own, Richard. I'm afraid though,
that this isn't a very good solution to the problem. What you've done is
to make yourself available as an open relay to all of the IP addresses
included in the 'part of ip of transmitter'. This is great for spammers,
and bad for you. If a spammer in that address range were to exploit the
relay, you would soon find your IP address blacklisted, preventing you
to send emails to many destinations. This is not a pleasant situation
for anyone to be in. While the likelihood of someone actually exploiting
your host may be low, it's best to simply eliminate the possibility. As
a result, I recommend undoing your change to the tcp.smtp file, followed
by doing a
# service qmail cdb
to make the change effective.
Now the question is, why/how did that cure your delivery problem? Adding
the RELAYCLIENT variable does a few things, but not all that much. It
causes simscan to bypass SpamAssassin scanning (clamav scanning is still
done), and it allows the sender to send to absolutely any domain (the
Relay part) as opposed to sending only to the domains which are local to
your host (domains listed in your rcpthosts file).
As you'll notice in the smtp log, the next thing that typically follows
the chkuser sender message is the chkuser rcpt (recipient) message. So
it's a good guess that something is amiss with the message recipient(s),
which is consistent with what we've observed with RELAYCLIENT. It's
unfortunate in this case that qmail or chkuser doesn't give us any kind
of message as to what exactly the problem is. That's not acceptable in
my mind, but we'll have to work around it in the meantime.
Speaking of log messages, qmail/SPF used to reject incoming messages
with no log message, but that's been subsequently fixed. I also don't
know if RELAYCLIENT bypasses the SPF check or not. I suppose it's
possible that this is the problem you're experiencing. You might try
changing your /var/qmail/control/spfbehavior from 3 to 1, then
restarting qmail, and see if perhaps that remedies your problem.
How old is your qmail-toaster package?
# rpm -qa | grep toaster | sort
will show us what versions you're running. Also,
# qtp-whatami
would be helpful.
Let us know if this remedies your problem or not. If it doesn't I would
install spamdyke (definitely do this regardless), then use spamdyke's
detailed logging facility to see exactly what's going on with this. That
would be the easiest way to see exactly where the smtp session fails.
--
-Eric 'shubes'
On 07/30/2012 07:27 AM, Richard Vinke wrote:
Self-study is good........
I added the next line to /etc/tcprules.d/tcp.smtp:
'part of ip of transmitter':allow,RELAYCLIENT="",<more text>
(Here i added the relayclient).
Now the mails of that domain is dripping in!
On 07/30/2012 06:21 AM, Richard Vinke wrote:
Hi all,
I set up a qmail toaster several years ago, but only used it with an
external smtp server (my provider).
Several weeks ago, I had to use the Toaster also as smtp server, so
people can send mail to me directly. I changes the MX records, opened
port 25 and... voilĂ , it works!
But one sender cannot deliver mail. With =/usr/sbin/qmlog smtp=, I see
(real sender domain is replaced with 'domain')"
07-27 15:21:24 CHKUSER accepted sender: from <i...@domain.nl::> remote
<relay.domain.nl:unknown:195.78.85.133> rcpt <> : sender accepted
07-27 15:21:24 tcpserver: end 3644 status 0
But no mail is delivered.
When I send a test mail to the same email address, it arrives OK.
I think, it has something to do with the 'relay', but I am not sure.
How can I solve this?
Richard
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
