RE: [Exim] Closing an open relay

Página Inicial
Delete this message
Reply to this message
Autor: Mark McRitchie
Data:  
Para: 'Patrick Draper'
CC: Exim Users (E-mail)
Assunto: RE: [Exim] Closing an open relay
Now, unless I've totally missed something (and I never rule that out!)...
your saying that your mail server actually accepted an email destined for
your domain?

Thats not relaying. Unless your mail server does recipient verification (ie
you don't have all unknown recipients going to one account or something
similar) then mail for a non-existant address should get bounced.

As to your original suspicious mail, forged From addresses are very common
in spam, and the mail _was_ addressed to you...

Regards,
Mark.

-----Original Message-----
From: Patrick Draper [mailto:eximusers@pdrap.org]
Sent: 01 September 2002 20:19
To: exim-users@???
Subject: [Exim] Closing an open relay


Hi everyone, I need your help to close an open relay. Unfortunately, it
belongs to me. :-(

I got a suspicious mail that appeared to come from me, addressed to me, and
that prompted me to check my logs and use the relay checker at abuse.org.

The logs show that no other mail has been bounced off my server, so that's
not a problem (yet).

The relay checker showed that I do have a problem though:


Relay test 6
>>> RSET

<<< 250 Reset OK
>>> MAIL FROM:<spamtest@???>

<<< 250 <spamtest@???> is syntactically correct
>>> RCPT TO:<user-22410%nf.abuse.net@???>

<<< 250 <user-22410%nf.abuse.net@???> is syntactically correct
>>> DATA

<<< 354 Enter message, ending with "." on a line by itself
>>> (message body)

<<< 250 OK id=17lZv1-0001sP-00

I did receive the mail that was used to test. That means that my server
is open.

Here are some things from my exim.conf

local_domains = localhost:pdrap.org
local_domains_include_host = true
local_domains_include_host_literals = true
#relay_domains =
#relay_domains_include_local_mx = true
host_accept_relay = localhost:10.1.1.0/24
#host_auth_accept_relay = *

Can someone help me figure out what I have done wrong? I can provide any
information required. If it would be helpful for me to provide the full
exim.conf file and the example spam that was mailed to me then I will.

Thanks in advance for any help,

--
Patrick Draper                | Don't  |sig4433@???
Austin, Texas                 | Fear   |Father Order runs at a
http://www.pdrap.org          | The    |good pace, but old Mother
Be Microsoft Free - Use Linux |Penguin |Chaos is winning the race.


--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##


Salamis Group of Companies - WWW.SALAMISGROUP.COM

This communication contains information which is confidential and may
also be privileged. It is for the exclusive use of the intended
recipient(s). If you are not the intended recipient(s) be advised
that any form of distribution, copying or use of this communication
or the information it contains is strictly prohibited and may be
unlawful. We apologise if you have received this communication in
error. Please return it to the sender immediately, delete this
communication from your computer and destroy any copies of it. Any
views/opinions expressed in this email are that of the author and may
not reflect the views of Salamis (M&I)Ltd.