Re: Relay problems ... spam???


Subject: Re: Relay problems ... spam???
From: Mike Tibor (tibor@lib.uaa.alaska.edu)
Date: Mon Dec 03 2001 - 11:36:04 AKST


On Sun, 2 Dec 2001, Grant Stockly wrote:

>
> How do I make sure that my mail server won't be used as a spam relay? I've
> included my mc and domain m4 files. I found this today and its pretty
> strange. How is stockly.com related to this yahoo message? This is the
> ONLY complaint I've ever received!

You really need to upgrade the version of sendmail you're running. 8.8.8
is vulnerable to a couple of different relay tricks. I'm assuming this is
on your home server, and not a business environment where you may have
dialup users to contend with.

The basic concept for locking things down is to keep in mind the following
rules:

1. Mail originating from an IP address on your network should be relayed
2. Mail not originating from an IP on your network, but which is
        destined for a local recipient (ie, me sending mail to you)
        should also be relayed.

In a nutshell, mail either needs to originate from your network, or
terminate there, otherwise it has no business going through your server.
The key to this is to examine the IP address of the connecting smtp
client.

With recent versions of sendmail, this is dealt with using the access map.
Here's very basic example of /etc/mail/access:

127.0.0.1 RELAY
10 RELAY

This tells sendmail to relay from localhost, and everything within
10.0.0.0/8 private network. There's much more on this in the docs at
sendmail.org.

Again, the above assumes a home environment. If you have dialup users who
may be connecting from different ISPs on different days of the week, and
they don't use VPN software, then SMTP auth is probably the way to go.

Mike

-- 
Mike Tibor         Univ. of Alaska Anchorage    (907) 786-1001 voice
Network Technician     Consortium Library         (907) 786-6050 fax
tibor@lib.uaa.alaska.edu       http://www.lib.uaa.alaska.edu/~tibor/
http://www.lib.uaa.alaska.edu/~tibor/pgpkey  for PGP public key



This archive was generated by hypermail 2a23 : Mon Dec 03 2001 - 11:36:07 AKST