Re: [Exim] Relay & amavis

Page principale
Supprimer ce message
Répondre à ce message
Auteur: dman
Date:  
À: exim-users
Sujet: Re: [Exim] Relay & amavis
--
On Fri, May 10, 2002 at 07:30:32PM +0200, Roxik wrote:

| Now I'm installed amavis-perl i worte rules from readme.exim (amavis
| packages distribution). It work's great. All viruses (known) has
| beed stoped.


I don't have that readme file; I don't know what you wrote in your
config.

| But, part open-relay has been open..
| For example:

|
| telnet 0 25
| Trying 0.0.0.0...
| Connected to 0.


Careful here, I've made this mistake a few times in testing. If
localhost is allowed to relay then you need to telnet in from
somewhere else to test your relay rules.

| Escape character is '^]'.
| 220 {HOST} ESMTP Exim 3.35 #3 Fri, 10 May 2002 19:19:21 +0200
| mail from: <spam@???>
| 250 <spam@???> is syntactically correct


I'll guess at this one below.

| rcpt to: <roxik@???>
| 250 <roxik@???> verified


Is this supposed to be allowed? Is it supposed to be allowed for the
host you telneted in from?

| 250 OK id=176E3L-0007C6-00


| I have a couple accounts into mydomain.pl, but I have'nt account
| spam.. Before amavis this does work.. now work.. why? How I can to
| change this?


Did you add a director for amavis? Did you set no_verify on it? If
not then it probably accepts any address, thus exim won't reject the
addresses at RCPT time. In that situation it may or may not actually
be an open relay, but it depends on what happens with the message
after that router sees it.

Do you have exim redirect the post-scanned message back to itself via
BSMTP? If not it's a good idea to do that. It prevents shell qouting
problems and ensures the envelope of the message is intact.

How about posting your relevant router/director/transport
configuration?

-D

--

If you hold to [Jesus'] teaching, you are really [Jesus'] disciples.
Then you will know the truth, and the truth will set you free.
        John 8:31-32


GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

--
[ Content of type application/pgp-signature deleted ]
--