Hello again:)
I've been battling against my site being used to relay mail for spammers,
and I'm running into some unexpected difficulties.
OS = bsd/os version 2.1, exim version = 1.62.
Problem: setting sender_net_accept_relay or sender_host_accept_relay
rejects mail from local nets and hosts:(
Here's the relevant section of the config file, in the MAIN CONFIGURATION
SETTINGS section...
# anti-spam configs
sender_reject = lsearch;/etc/mail/Spammer
sender_host_reject = lsearch;/etc/mail/SpamDomains
# doesn't seem to work with IPs:(
relay_domains = lsearch;/etc/mail/relayto
sender_net_accept_relay = 204.214.110.0/255.255.252.0
sender_net_accept_relay = 204.214.118.0/255.255.254.0
sender_host_accept_relay = lsearch;/etc/mail/relayfrom
# Cyberpromo
sender_net_reject = 205.199.2.0/255.255.255.0
sender_verify = true
sender_verify_fixup = true
smtp_receive_timeout = 1m
strip_excess_angle_brackets = true
strip_trailing_dot = true
/etc/mail/relayfrom contains
harborside.com
*.harborside.com
... Couple of others.
The reject log has lots of lines like:
------------------------------------------------------------------------------
1997-05-23 19:19:18 refused relay (host accept) to harig@??? from
<baines@???> H=melindab [204.214.110.70]
------------------------------------------------------------------------------
1997-05-23 19:20:16 refused relay (host accept) to bwoodruf@???
from<fwoodruf@???> H=harborside.harborside.com [204.214.111.42]
------------------------------------------------------------------------------
1997-05-23 19:20:40 refused relay (host accept) to harig@??? from
<baines@???> H=melindab [204.214.110.70]
------------------------------------------------------------------------------
Meanwhile the mainlog is getting some strange but unrelated (?) error
messages like this:
1997-05-23 19:17:01 0wV6NG-0006N5-00 Failed to get write lock for
/var/spool/exim/db/wait-remote_smtp
1997-05-23 19:17:01 0wV6NG-0006N5-00 Failed to open wait-remote_smtp
database
1997-05-23 19:17:01 0wV6NG-0006N5-00 =>
love-issues-owner@??? R=lookuphost T=remote_smtp
H=slave1.prodigy.com [198.83.19.147]
1997-05-23 19:17:01 0wV6NG-0006N5-00 Completed
I tested a setup very similar to this before putting it on a production
system, and it seemed to work fine there, allowing mail as appropriate and
banning relaying otherwise. But as soon as the load goes up a little this
host starts anti-relay'ing against virtually everything:(
Any clues greatly appreciated! :)
Thanks,
David Miller
----------------------------------------------------------------------------
It's *amazing* what one can accomplish when
one doesn't know what one can't do!
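
A check worth running on the net/mask entries quoted in the post, as an added example that is not part of the original message: it tests whether each network address sits on the boundary its mask implies, and whether the refused client addresses from the reject log fall inside the block. The `literal_match` function is an assumption about how a matcher might compare addresses (host AND mask equal to the net exactly as written); the post does not confirm how exim 1.62 does it.

```python
import ipaddress

# Copied from the post: the two sender_net_accept_relay settings and the
# client addresses that appear in the "refused relay" reject-log lines.
RELAY_NETS = ["204.214.110.0/255.255.252.0", "204.214.118.0/255.255.254.0"]
REFUSED_HOSTS = ["204.214.110.70", "204.214.111.42"]


def split_entry(entry):
    """Return (net, mask) as integers for a 'net/mask' entry."""
    net_s, mask_s = entry.split("/")
    return int(ipaddress.IPv4Address(net_s)), int(ipaddress.IPv4Address(mask_s))


def host_bits_set(entry):
    """True when the written network address has bits outside the mask."""
    net, mask = split_entry(entry)
    return (net & ~mask & 0xFFFFFFFF) != 0


def literal_match(host, entry):
    """ASSUMED matcher: (host AND mask) must equal the net exactly as written."""
    net, mask = split_entry(entry)
    return (int(ipaddress.IPv4Address(host)) & mask) == net


def aligned_match(host, entry):
    """Match after masking the written net down to its real block boundary."""
    network = ipaddress.ip_network(entry, strict=False)
    return ipaddress.IPv4Address(host) in network


def audit(nets=RELAY_NETS, hosts=REFUSED_HOSTS):
    """Report misaligned entries and hosts only the aligned form would accept."""
    report = []
    for entry in nets:
        missed = [h for h in hosts
                  if aligned_match(h, entry) and not literal_match(h, entry)]
        report.append({"entry": entry,
                       "aligned": str(ipaddress.ip_network(entry, strict=False)),
                       "host_bits_set": host_bits_set(entry),
                       "missed_hosts": missed})
    return report


if __name__ == "__main__":
    for row in audit():
        print(row)
```

An entry reported with `host_bits_set` can be rewritten using the `aligned` value, which removes any dependence on how the matcher treats a network address that is not on its block boundary.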