A system I have been asked to look at is using these lines to start qmail + vpopmail:
A: /usr/local/bin/tcpserver -v -R \ -x/var/spool/pop3/etc/tcp.smtp.cdb \ -c100 -u504 -g507 \ 0 smtp /var/qmail/bin/qmail-smtpd & B: tcpserver -v -H -R 0 pop-3 \ /var/qmail/bin/qmail-popup mail.some.host \ /var/spool/pop3/bin/vchkpw \ /var/qmail/bin/qmail-pop3d Maildir & C: /var/spool/pop3/etc/tcp.smtp.cdb was built from these rules: 127.0.0.:allow,RELAYCLIENT="" 194.72.80.162:allow,RELAYCLIENT="" 194.72.80.166:allow,RELAYCLIENT="" 62.6.112-127.:allow,RELAYCLIENT="" 62.6.128-135.:allow,RELAYCLIENT="" 62.7.128-191.:allow,RELAYCLIENT="" 62.172.80-83.:allow,RELAYCLIENT="" 62.172.88-91.:allow,RELAYCLIENT="" 212.140.80-81.:allow,RELAYCLIENT="" 212.140.86-87.:allow,RELAYCLIENT="" 212.140.112-127.:allow,RELAYCLIENT="" 212.140.152-169.:allow,RELAYCLIENT="" 217.32.120-127.:allow,RELAYCLIENT="" 217.32.128-159.:allow,RELAYCLIENT="" 217.32.160-163.:allow,RELAYCLIENT="" 217.35.212-215.:allow,RELAYCLIENT="" 217.35.216-223.:allow,RELAYCLIENT="" 217.35.224-255.:allow,RELAYCLIENT="" Questions: 1. Is it correct to say that qmail will be using /var/spool/pop3/etc/tcp.smtp.cdb to decide who can and who cannot connect to send e-mail, thus ignoring rcpthosts? 2. Does vpopmail accept POP3 connections from anywhere, as there is no -x option? 3. Does the lack of :deny in C: mean that the machine is an open relay? (If I add :deny and rebuild the CDB, then nothing can make SMTP connections except the hosts in the file, which is A Bad Thing). The thing is, I believe that qmail should be using rcpthosts to decide who can relay (rcpthosts contains a list of the virtual domains hosted there). Also, the file /var/spool/pop3/etc/tcp.smtp.cdb is supposed to contain those IPs that are allowed to initiate POP3 connections. 4. So am I right to assume I should take the -x option from A: and put it into B: instead? That way qmail will use rcpthosts as desired for selective relaying, and vpopmail will end up using C: (plus a :deny line)? Thanks in advance for any help, Adam Nealis. __________________________________________________ Do You Yahoo!? Buy the perfect holiday gifts at Yahoo! Shopping. http://shopping.yahoo.com
