Re: [SLE] Stopping open mail relay in SuSE standard server.

• Previous message: Bill Wisse: "Re: [SLE] New SD Card Reading Problem"
• In reply to: Anders Johansson: "Re: [SLE] Stopping open mail relay in SuSE standard server."
• Next in thread: Faber Fedor: "[SLE] Re: Stopping open mail relay in SuSE standard server."
• Reply: Faber Fedor: "[SLE] Re: Stopping open mail relay in SuSE standard server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sat, 24 Jul 2004 21:55:17 -0400
To: suse-linux-e@suse.com

Anders Johansson wrote:
> On Sat, 2004-07-24 at 21:12 -0400, James Knott wrote:
>
>>Bruce Marshall wrote:
>>
>>>On Saturday 24 July 2004 03:53 pm, James Knott wrote:
>>>
>>>
>>>>Bruce Marshall wrote:
>>>>
>>>>
>>>>>On Saturday 24 July 2004 03:15 pm, James Knott wrote:
>>>>>
>>>>>
>>>>>>I've set up a mail server, using SuSe Standard Server, and while it's
>>>>>>now working, it appears I've also got an open mail relay running.
>>>>>>According to what I've read in the O'Reilly Postfix book, postfix is
>>>>>>supposed to default to not be an open relay. I've check main.cf and I
>>>>>>can't see anything that might be causing the open relay. Any ideas, as
>>>>>>to what I might check? I've shut down postfix, until I can resolve this
>>>>>>problem.
>>>>>
>>>>>Why are you allowing people outside your firewall (you do have one don't
>>>>>you?) to come in on port 25?? If they can't use port 25, they can't use
>>>>>you as a relay.
>>>>
>>>>How would incoming mail get to the server, if port 25 isn't open? There
>>>>is a firewall ahead of the server, with port 25 forwarded to the server.
>>>
>>>
>>>You didn't mention you were running your own incoming mail server. Are you?
>>>
>>>Most people bring in mail using pop3 or such with fetchmail. If you're
>>>running your own mx, then you should (IMHO) know how to set postfix to not be
>>>a relay. (I don't know since I don't run my own incoming smtp)
>>>
>>>
>>>
>>
>>I'm trying to set up a mail server for a small company. According to
>>the O'Reilly Postfix book, it is already configured to not relay,
>
>
> A book can't read your current config. And come to think of it, neither
> can we unless you post it. That might help in putting you on the right
> track
>
>
>> but it
>>apparently is relaying. At the moment, I'm just going by what the
>>status displays show,
>
>
> look at /var/log/mail instead, that tells you what the mail server is
> doing
>
>
>> as the server is about 25 miles away and only
>>physically accessable during business hours. I plan to go in and verify
>>what's happening, with ethereal.
>
>
> the mail log should be sufficient to verify whether it's an open relay
> or not. And we really do need to see main.cf to be able to say what's
> wrong, if anything.

Here's a chunk of the log

Jul 24 14:51:58 mail postfix/qmgr[829]: 3278B213E:
from=<hospitalacrylic@adelphia.net>, size=1514, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 351DE1F95:
from=<bagleybreaker@sympatico.ca>, size=1860, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 365581F42:
from=<telephonerspositioning@sbcglobal.net>, size=1501, nrcpt=1 (queue act
ive)
Jul 24 14:51:58 mail postfix/qmgr[829]: 378D62069:
from=<exertsacrid@verizon.net>, size=2018, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 382CE1ECA:
from=<ashlandanita@bigpond.com>, size=1566, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3A568210F:
from=<tattlerandre@ameritech.net>, size=1644, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3B03E2139:
from=<taxpayerpoliter@optonline.net>, size=1606, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3C20B2202:
from=<poundercountless@juno.com>, size=1625, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3D9FE1F59:
from=<satedtesticles@prodigy.net>, size=1501, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3DD6C20BC:
from=<tastercrosser@cs.com>, size=1892, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3E55621C1:
from=<cortegeboyishness@sympatico.ca>, size=1587, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3EE0D200B:
from=<boeotianplover@cablespeed.com>, size=1822, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3E2272036:
from=<bratbordello@bellsouth.net>, size=1888, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3FF3E1FF7:
from=<breakersexecrate@bellsouth.net>, size=1832, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3FF7E20D4:
from=<tearfuladsorbing@swbell.net>, size=1954, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 3F234229C:
from=<bostonianmediation@cs.com>, size=1629, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 402E72079:
from=<credencehygiene@ameritech.net>, size=1585, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 409DD208A:
from=<adductionterminates@sympatico.ca>, size=1885, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 404E21DB2:
from=<tendermenfolk@verizon.net>, size=1999, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 415F2211A:
from=<sauterneaccusal@verizon.net>, size=1652, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 422711F5D:
from=<meltedhoy@bellsouth.net>, size=1502, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 425A31F2C:
from=<meteoritebrazilian@cablespeed.com>, size=1551, nrcpt=1 (queue active
)
Jul 24 14:51:58 mail postfix/qmgr[829]: 43371211F:
from=<huskedteammate@charter.net>, size=1800, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 445062082:
from=<saturatescrouching@charter.net>, size=1897, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 46D541E9B:
from=<schoolingsavagely@cox.net>, size=1586, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 4618221B2:
from=<activitytassels@netzero.net>, size=1563, nrcpt=1 (queue active)
Jul 24 14:51:58 mail postfix/qmgr[829]: 479C62126:
from=<expendableanselm@optonline.net>, size=1576, nrcpt=1 (queue active)

-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: Bill Wisse: "Re: [SLE] New SD Card Reading Problem"
• In reply to: Anders Johansson: "Re: [SLE] Stopping open mail relay in SuSE standard server."
• Next in thread: Faber Fedor: "[SLE] Re: Stopping open mail relay in SuSE standard server."
• Reply: Faber Fedor: "[SLE] Re: Stopping open mail relay in SuSE standard server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: Just started seeing "stat=Local configuration error" in maillog ... >has an MX record pointing to my mail server. ... that if you are the primary MX for a domain, your config should specify ... in the FAQ entry again... ... (comp.mail.sendmail) Re: Honesty about some exim mistakes ... stuck with the task and I need an enterprise-size mail server. ... server mgmt for web hosting. ... otherwise easy to read config. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ... (Debian-User) Re: Sendmail question ... config a secondary one, but perhaps it will permit you config it. ... Asunto: Sendmail question ... configure a secondary mail server in case the primary mail server is down. ... If you wish to confirm the origin or content of this communication, ... (AIX-L) Re: Honesty about some exim mistakes ... Virtual domains are a big concern to me..I may be brand new at this but I'm ... stuck with the task and I need an enterprise-size mail server. ... otherwise easy to read config. ... I had before yet because I gave up on the sucking autoconfig and haven't ... (Debian-User) Re: [SLE] Stopping open mail relay in SuSE standard server. ... Bruce Marshall wrote: ... >>I'm trying to set up a mail server for a small company. ... >>the O'Reilly Postfix book, it is already configured to not relay, but it ... I plan to go in and verify ... (SuSE)