On Sat, Apr 26, 2003 at 10:56:58AM +0200, Carsten Becher wrote:
I?ve a mailserver running at home (for 2 clients - nothing serious), SuSE 7.2.
Is it "visible" from the Internet, or is there a router/firewall between your LAN mailserver and the Internet? In the second case you do not have any problem, if the router does not forward requests from outside. If your mailserver is connected directly to the Internet (which I do not recommend), then you must be very accurate installing all necessary patches to all the services this server offers (and limiting these services as strictly as possible). And you should use the SuSE firewall to block all accesses from outside which are not iniciated from inside.
I?ve already restrictet access by using the /etc/mail/access to 192.168 . That?s enough or should i do something more?
Hm; normally sendmail in the standard installation does not relay to any other destination. So you must have done something to change that behaviour. What have you done? What exactly was your change in /etc/mail/access?
Background is, i got me this message by my system :
----- The following addresses had permanent fatal errors ----- <xxxxxx@xx.xx> (reason: 550 relaying to <johan@mi.cl> prohibited by administrator)
----- Transcript of session follows ----- ... while talking to smtp.kundenserver.de:
RCPT To:<xxxxx@xx.xx>
<<< 550 relaying to <xxxxx@xx.xx> prohibited by administrator 550 5.1.1 <xxxxx@xx.xx>... User unknown
Look?s tight to me, or did i miss something important?
This looks to me like a bounce from the mailserver smtp.kundenserver.de, i.e. that server did not accept a mail coming from you. Did you send that mail? To whom was it sent? What is the domain of your server? Do you use an "smart relay" and which? What are the headers of the bounced mail? Your question simply does not contain all the necessary informations. *If* you are using smtp.kundenserver.de as smart relay *and* you have the problem that that server does not accept your mails to third parties than http://sdb.suse.de/de/sdb/html/sendmail_smtp_auth.html contains the solution. If you leave the mail configuration in its standard form (which does not allow relaying) than your clients still can send their mails using SMTP AUTH via your mail server. This is obviously the safest configuration (if you do not leave an unpatched sendmail-tls or openssl on your mailserver). Gruß, Hatto