I have just ran nessus on my server, which I thought was properly
configured to not be a spam relay... and it reported the following:
The remote SMTP server allows anyone to
use it as a mail relay, provided that the source address
is set to '<>'.
This problem allows any spammer to use your mail server
to spam the world, thus blacklisting your mailserver, and
using your network resources.
Risk factor : Medium
Solution : reconfigure this server properly
CVE : CVE-1999-0819
My relay config section is:
relay_domains =
host_accept_relay = localhost : XX.XX.XX.XX : XX.XX.XX.XX
no_relay_domains_include_local_mx
no_relay_match_host_or_sender
Where XX's relate to my external IP's
Have I missed something glaringly obvious in the documentation ?
Thanks for any info..pointers or telling me that I need glasses and to
read the faq :)
