RE: [Exim] Re: Mail relay problems

Top Page
Delete this message
Reply to this message
Author: Andy Coy
Date:  
To: exim
Subject: RE: [Exim] Re: Mail relay problems
>> post# sendmail -bP host_accept_relay
>> host_accept_relay =
>>localhost:127.0.0.1:212.1.128.0/19:62.6.186.226:80.40/13:212.74.96.0/19:21

2.
>>

159.128.0/18:62.64.128.0/19:212.139.32.0/19:212.139.128.0/17:213.123.76.0/23
>>:62.7.125.0/24:62.7.126.0/24:62.7.127.0/24:80.225/16
>>post#
>>
>> I think I have fixed most of it. At the end of the long list of IP's I

added
>> *.tiscali.com and suddenley it's started to relay. I beleive the problem

to
>> be down to the 'funky' DNS someone else mentioned earlier.
>>


>Do keep in mind that this setup makes you an open relay. (Eg, tons o>f
>people who are *not* your customers can relay through your server)


>Spammers *WILL* find you, and they will start taking advantage of this.
>When they do, your servers IP will find its way onto many of the various
>DNSBL's, some of which are used by quite a variety of people to reject
>mail. Eg, eventually, your customers (both the paying ones and the
>spammers you will be providing free service to) will find their mails
>rejected by many of those servers when they are sent via your server.
>The spammers wont care, but I presume your customers will.


>In order to prevent this hapenning, you need a way of distinguishing
>your customers from the spammers. Since you don't know which of
>apparently hundreds of thousands of IP addresses they might be on at any
>given time, the only way to do this is with SMTP AUTH. This is not that
>difficult to setup, but you might have a hard time convincing your
>customers to start using it once they have become accustomed to not
>needing it. (On a good note, it might be easier to convince them after
>your server is on the various lists of open relays. Of course, at that
>point just setting up SMTP auth wont get you off of them. It will take
>clearing out any IP's from host_acept relay not directly under your
>control, and then it will take time going by)



Thanks for the warning Dave. I do realise this opens up to Tiscali's
network, however they do have rules if anyone uses me for spam it must come
from within Tiscali's domains and they are about the 3rd biggest in Europe,
so I'm not to worried. They have a rep to protect. Secondly the servers will
be removed from the NOC on Friday morning and set up in another companies
NOC, one that actually gives a s**t about it's customers, at this time they
will have new IP addresses etc.

Thanks for all your help, much appreciated.

Andy