Hi,
I've got Exim 4.43 installed and just recently setup smtp authentication so
my users can use their dial-up accounts from home/etc. I also am trying to
use/setup SSL/TLS (only) and just today I noticed a lot more traffic through
my server, with a lot of the following:
2005-09-24 12:25:21 1EIq3C-0002ER-6J SMTP error from remote mailer after
MAIL FROM:<dfdfdfdfd@???> SIZE=4871: host mx10.mail.tw.yahoo.com
[202.43.200.99]: 451 VS2-MF5 Excessive unknown recipients - possible Open
Relay
http://help.yahoo.com/help/us/mail/spam/spam-18.html (#4.4.5)
217.91.111.75
is this telling me that MY server is suspected of being an open relay? Or
is it the mx10.mail.tw.yahoo.com server that's a possible open relay?
The particular exim.conf setting I have are:
[GLOBAL]
hostlist auth_relay_hosts = *
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_auth = acl_check_auth
acl_smtp_starttls = acl_check_auth
auth_advertise_hosts = *
tls_advertise_hosts = *
tls_certificate = /etc/exim/certs
tls_privatekey = /etc/exim/privkey
[ACL]
... the default config, and then ...
acl_check_auth:
accept hosts = +auth_relay_hosts
endpass
verify = recipient
require verify = sender
accept authenticated = *
deny message = relay forbidden without authentication
[AUTH CONFIG]
plain:
driver = plaintext
public_name = PLAIN
server_condition = "\
# $2 = Username | $3 = password
${if and {{!eq{$2}{}}{!eq{$3}{}} \
{crypteq{$3}{${extract{1}{:} \
{${lookup{$2}lsearch{/etc/exim/.passwd}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "\
# $1 = Username | $2 = password
${if and {{!eq{$1}{}}{!eq{$2}{}} \
{crypteq{$2}{${extract{1}{:} \
{${lookup{$1}lsearch{/etc/exim/.passwd}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $1
Thank in advance for your help!
Robert
