Project Gamera

[stephen]

Scott;

Ran into a problem have 2 GP boxes running, we have been listed as an open relay, i can replicate issue by telnet host 25

helo
mail from: someluser@domain.com
rcpt to: "anotheremail@domain.com"@ourdomain.com
data
blah blah
.

drawing blanks cant think of a way to stop it.

[scott]

are you sure its an open relay? there are some false positive reports you'll get from some of the automated scanners

[stephen]

Scott;

I have sent a test email using what i listed above except i used your email address to perform this. let me know what you think, i am not sure what to do but soon our users are going to start getting blocked.

[scott]

I didnt get anything

[cormander]

Another false posotive, is this:

helo
mail from: corman@mydomain.com
rcpt to: corman%yourdomain.com
data
blah blah
.

There is the "percent hack" patch for qmail to make this give the rcpthosts error, perhaps there is a patch for your false posotive as well?

Systems that detect "open relays" should really actually attempt delivery of a message, and not assume that since the server said "ok", that it's going to actually deliver it.

But this isn't a perfect world.

-Corey

[stephen]

well unfortunately ordb.org ran a test and recieved its message back maybe i fixed it...... not sure what the hell i did. :/ sometimes i really hate email.

[stephen]

Just re-tested and still an open relay, now even though qmail-showctl shows percent hack not allowed it appears to be allowing this :/ any ideas the servers are only responding for 2 main domains and thats reflected in rcpthosts file and smtproute.

[scott]

Honestly Id have to see the system first hand, sounds like some mistakes in the configuration somewhere.