Mailinglist Archive: opensuse-security (448 mails)

< Previous Next >
Re: [suse-security] sendmail relays by default
  • From: Charles Philip Chan <cpchan@xxxxxxxxxxxx>
  • Date: Mon, 20 May 2002 02:20:31 -0400
  • Message-id: <20020520022031.113a81ec.cpchan@xxxxxxxxxxxx>
On Sun, 19 May 2002 19:10:27 -0700
Jim Osborn <jimo@xxxxxxxxxx> wrote:

> I've read many, many places that as of v8.9.3, sendmail does not relay
> by default.

Yes, this is true. I am using SuSE's Sendmail 8.12.3 and it passes all
the test at:

http://www.abuse.net/relay.html

All the domains and hosts that are allowed to relay are now put in
/etc/mail/relay-domains.

> To my surprise, I was informed by a relay testing server
> that I was running an open relay, and, sure enough, my sendmail DOES
> relay.

This is really strange, do you have a proxy or a forwarder sitting
between the Internet and the mailer daemon? This will give false
positives, I can attest to that first hand.

You might also want to check your sendmail.cf to see if for some strange
reason:

promiscuous_relay

is turned on.

> I had a line "127 RELAY" in /etc/mail/access,

This line is a default and does not affect things.

If you want to you can send me your sendmail.cf and submit.cf and see if
I can find anything.

Charles

--
"Nature abhors a Vacuum"

-- Brian Behlendorf on OSS (Open Sources, 1999 O'Reilly and
Associates)

< Previous Next >
References