Mailinglist Archive: opensuse-security (448 mails)
| < Previous | Next > |
Re: [suse-security] sendmail relays by default
- From: Charles Philip Chan <cpchan@xxxxxxxxxxxx>
- Date: Mon, 20 May 2002 02:20:31 -0400
- Message-id: <20020520022031.113a81ec.cpchan@xxxxxxxxxxxx>
On Sun, 19 May 2002 19:10:27 -0700
Jim Osborn <jimo@xxxxxxxxxx> wrote:
> I've read many, many places that as of v8.9.3, sendmail does not relay
> by default.
Yes, this is true. I am using SuSE's Sendmail 8.12.3 and it passes all
the test at:
http://www.abuse.net/relay.html
All the domains and hosts that are allowed to relay are now put in
/etc/mail/relay-domains.
> To my surprise, I was informed by a relay testing server
> that I was running an open relay, and, sure enough, my sendmail DOES
> relay.
This is really strange, do you have a proxy or a forwarder sitting
between the Internet and the mailer daemon? This will give false
positives, I can attest to that first hand.
You might also want to check your sendmail.cf to see if for some strange
reason:
promiscuous_relay
is turned on.
> I had a line "127 RELAY" in /etc/mail/access,
This line is a default and does not affect things.
If you want to you can send me your sendmail.cf and submit.cf and see if
I can find anything.
Charles
--
"Nature abhors a Vacuum"
-- Brian Behlendorf on OSS (Open Sources, 1999 O'Reilly and
Associates)
Jim Osborn <jimo@xxxxxxxxxx> wrote:
> I've read many, many places that as of v8.9.3, sendmail does not relay
> by default.
Yes, this is true. I am using SuSE's Sendmail 8.12.3 and it passes all
the test at:
http://www.abuse.net/relay.html
All the domains and hosts that are allowed to relay are now put in
/etc/mail/relay-domains.
> To my surprise, I was informed by a relay testing server
> that I was running an open relay, and, sure enough, my sendmail DOES
> relay.
This is really strange, do you have a proxy or a forwarder sitting
between the Internet and the mailer daemon? This will give false
positives, I can attest to that first hand.
You might also want to check your sendmail.cf to see if for some strange
reason:
promiscuous_relay
is turned on.
> I had a line "127 RELAY" in /etc/mail/access,
This line is a default and does not affect things.
If you want to you can send me your sendmail.cf and submit.cf and see if
I can find anything.
Charles
--
"Nature abhors a Vacuum"
-- Brian Behlendorf on OSS (Open Sources, 1999 O'Reilly and
Associates)
| < Previous | Next > |