Tommy Butler wrote:
> So what you're indirectly saying is that the default Debian
> configuration that comes with exim4 is to be an open mail relay for the
> world?! Can it be so? I'm basically using the default configuration
> with the exception that I'm trying to get TLS to work (and it still isn't).
Debian's default config relays to noone, but you should test your server
to check for open relay.
Out of curiosity, I tested yours at
http://www.abuse.net/relay.html and
got the following:
**begin quote
Relay test 1
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@???>
<<< 250 OK
>>> RCPT TO:<securitytest@???>
<<< 250 Accepted
Relay test result
Hmmn, at first glance, host appeared to accept a message for relay.
THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY.
Some systems appear to accept relay mail, but then reject messages
internally rather than delivering them, but you cannot tell at this
point whether the message will be relayed or not.
You cannot tell if it is really an open relay without sending a test
message; this anonymous user test DID NOT send a test message.
**end quote
You've reconfigured something. Both my exim3 and exim4 servers use
debian's default packages (exim-tls for exim3 and exim4-daemon-heavy for
exim4), I haven't touched the relay settings, and they're all closed
relays. Granted, I'm speaking of the stable and testing branches of
debian - I haven't tried with unstable, but it's common sense you
shouldn't use unstable on a server, so I'm guessing you aren't.
Bob..
