-----Original Message----- From: Craig Bowers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 9:30 AM To: SIMS Discussions Subject: Re: Open relay detected within your network
> ... one can only wonder. What the router line says is, "if I receive mail for 3-rivers.com, relay it to 3-rivers.com's smtp server" Quibbling with your wording, but the secondary is a 3-rivers.com smtp server as well. I'd word it more like :if I receive mail for 3-rivers.com, do a DNS lookup on 3-rivers.com and pass it to the first MX available with a higher priority (lower MX value) than me (a backup MX server), starting with the highest priority (lowest MX value). So it may well deliver to the primary 3-rivers.com smtp server, but it may instead deliver to any other smtp server (on or off 3-rivers.com network) depending on what the 3-rivers.com DNS lists as MX records. So for example if I was a blackhat hacker and I wanted to make life difficult for 3-rivers.com and I could gain DNS control at 3-rivers.com, I could add an MX record for the ordb.org smtp server to the 3-rivers.com domain. 3-rivers.com's secondary server would then happily relay/forward mail to ordb.org, and 3-rivers.com would get RBL blacklisted without even touching the SIMS boxes. Follow-up question: Do you have the IP of the primary SMTP server in the client list of your secondary? I'm puzzled what generates the "will relay for a client" on your secondary. In my own system which passes the ordb tests, I have the IP of the secondary in the primaries client list, but the client list on my secondary is empty. I wouldn't have a need even for the secondary IP to be listed as a client on the primary (the .smtp rounter entry alone is sufficient), except that I've had some instances where spammers have gotten my primary to temp ban my secondary. Oh, and I'm using 1.8b9d14 ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
