... this test just looks at the status-message from the server ...220 =
okay, but what matters is, whether a mail is delivered through your server
or not ... qmail says 220, meaning it accepts the mail for delivery but
according to the configuration it is not able to deliver this mail to the
recipient so it it will bounce it back ...
... a real relay test should try to send real mails and only if a real mail
is relayed, your server is really an open relay ... sounds reasonable, not?
fischers fritz ...:-)
best regards ...reto inversini
---- Original Message -----
From: "Mike Garabedian"
Check this out...I set the rcpt hosts file, and put it in qmail...and my tests worked, so I went to the mail-abuse website and ran a test and this is what happened...it seems that if they use my ip number it will go through. Connecting to 66.13.54.178 ... <<< 220 emergyscorp.com ESMTP <<< 220 emergyscorp.com ESMTP
HELO cygnus.mail-abuse.org <<< 250 emergyscorp.com :Relay test: #Quote test >>> mail from:
<<< 250 ok rcpt to: <"nobody@mail-abuse.org"> <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 1 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 2 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #test 3 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 4 >>> mail from: <spamtest> <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 5 >>> mail from: <> <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 6 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 7 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 8 >>> mail from: <<< 250 ok rcpt to: <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) rset <<< 250 flushed :Relay test: #Test 9 >>> mail from: <<< 250 ok rcpt to: <<< 250 ok QUIT <<< 221 emergyscorp.com Tested host banner: 220 emergyscorp.com ESMTP System appeared to accept 1 relay attempts How do I stop that? -----Original Message----- From: Reto Inversini [mailto:inversini@datacomm.ch] Sent: Tuesday, February 05, 2002 1:51 PM To: suse-security@suse.com Subject: Re: [suse-security] Directory listing....
hi mike,
I guess you mean that one can browse the directories of the webserver? Check your httpd.conf or simply put an index.html in every directory. For further information we need to know your exact configuration (which webserver, your httpd.conf, etc.).
qmail doesn't do any relaying by default. check your rcpthosts file. for further information on configuring qmail, check www.qmail.org and http://www.lifewithqmail.org/ or, more specifically on relaying: http://www.palomine.net/qmail/relaying.html ...
best regards reto inversini
----- Original Message ----- From: "Mike Garabedian"
To: "Suse-Security" Sent: Tuesday, February 05, 2002 7:38 PM Subject: [suse-security] Directory listing.... ...I did a test of my network and found a few linux holes...can someone tell me how to find out about shutting off directory listings, because the test said my scripts directory is showing.
And I am having trouble with relaying with qmail...I want it off totally, I just want people to get their pop3 mail and logoff.
Any ideas?
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com