sendmail anti-relaying

Bob Davis
Occasional Advisor

sendmail anti-relaying

Can someone tell me how to check anti-relaying in -bt mode?
If I enter

it passes. Should I be using another ruleset?

Is there another rule that could override the check_rcpt rule? I'm using 8.8.6.

Thanks.
7 REPLIES
Christopher Caldwell
Honored Contributor

Re: sendmail anti-relaying

Uncomment the spam rulesets in sendmail.cf (they're marked - search for Spam).

It looks like you're missing check_relay/check_mail:

# The rules for supporting anti-spamming are check_mail, check_rcpt #
# and check_relay.
Craig Rants
Honored Contributor

Re: sendmail anti-relaying

Bob,
Upgrade to 8.9.3 and anti-relaying is automatic. You can then specify in the /etc/mail/relay-domains file which domains you want to relay if any.

Even though the patch for 8.9.3 has been recalled by HP, I would still use it. The reason it was recalled was that if it had more than 3000 concurrent connections it would fail. I don't know about you but our company is large and we don't get that many at a time.

Good Luck,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Bob Davis
Occasional Advisor

Re: sendmail anti-relaying

The spam rulesets are uncommented, they're just not working. The same cf file blocks relaying on a test box. I can block users and domains, but the anti-relaying isn't working. It's as if the remove_local isn't working.
Christopher Caldwell
Honored Contributor

Re: sendmail anti-relaying

I assume you stop/started sendmail?

If so, why don't you post a sanitized version of sendmail.cf so we can have a look.
someone_4
Honored Contributor

Re: sendmail anti-relaying

ok I just did this fix on 8.8.6.

Here is what you need to add and this will stop the relay.
Comment everything that you have for Scheck_rcpt and add this:

Scheck_rcpt
# first: get client addr
R$+	$: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*	$@ ok	no client addr: directly invoked
R$={LocalIP}$* $| $*	$@ ok	from here
# not local, check rcpt
R$* $| $*	$: $>3 $2
# remove local part, maybe repeatedly
R$+	$:$>removelocal $1
# still something left?
R$*<@$+>$*	$#error $@ 5.7.1 $: 550 we do not relay

Sremovelocal
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$*	$>3 $1 $4
R$*<@$=w.>$*	$: $>removelocal $>3 $1 $3
R$*<@$*>$*	$@ $1<@$2>$3
# dequote local part
R$-	$: $>3 $(dequote $1 $)
R$*<@$*>$*	$: $>removelocal $1<@$2>$3

Also, you can set up LocalIP and local names. Don't forget to restart sendmail.
If you have problems, post them. And make sure you back up your sendmail.cf file.


someone_4
Honored Contributor

Re: sendmail anti-relaying

Ohh ..
I misread your post. DOOH! ..
to test a mail hack from
telnet to your server to port 25.

ip.add.of.server 25
you will get
Trying...
Connected to ip.add.of.server.
Escape character is '^]'.

and then you will have a prompt
type
helo mail.com
and you will get a hello back.
Then type
mail from:
you will get
250 ... Sender ok

then type
rcpt to:<"yourname@domain.com"@[ip.of.mail.server]>
you will get
250 >... Recipient ok
type
data
you will get
354 Enter mail, end with "." on a line by itself

then type your message end with a .

test
.
250 PAA24408 Message accepted for delivery
quit


Or you can go to http://www.ordb.org/
but if you fail then you will be blacklisted. We were blacklisted and I applied that fix, retested and passed,
let me know if you get it.
Christopher Caldwell
Honored Contributor

Re: sendmail anti-relaying

BTW,
To test the anti-relaying ruleset on host A, you'll have to
1) be on host B that's not permitted to relay by host A
2) send a test e-mail that won't eventually get delivered to host A (i.e. host A would act as a relay).

If you're on host A (a.com), and you gen a message from someone@b.com to someone@c.com where neither b.com nor c.com are considered local by host A, you won't trip the relay rulesets, since e-mail generated locally and delivered remotely won't be considered relayed, despite what envelope headers might indicate.
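
Added example, not part of any post in this thread: a simplified Python model of the decision the check_rcpt and removelocal rulesets above make, showing why a test only means something with a non-local client address and a recipient that is still remote after local parts are stripped. The class contents (LocalIP, w, RelayTo) and all addresses are constructed sample values, and the model handles only `@` and quoted local parts, not the full ruleset 3 canonicalization.

```python
# Simplified model of the thread's check_rcpt/removelocal rulesets (added example).
# All class contents below are constructed sample values, not from the thread.
LOCAL_IP = ("127.0.0.1", "10.1")                 # class {LocalIP}
LOCAL_NAMES = {"a.example", "[192.0.2.10]"}      # class w
RELAY_TO = {"partner.example"}                   # class {RelayTo}

def split_addr(addr):
    """Split at the last '@' outside double quotes; domain is None if absent."""
    in_quote, at = False, -1
    for i, ch in enumerate(addr):
        if ch == '"':
            in_quote = not in_quote
        elif ch == "@" and not in_quote:
            at = i
    return (addr, None) if at < 0 else (addr[:at], addr[at + 1:])

def remove_local(addr):
    """Strip local and RelayTo domains repeatedly; return whatever is left."""
    while True:
        local, domain = split_addr(addr)
        if domain is None:
            bare = addr.strip('"')               # dequote the local part
            if bare == addr:
                return addr                      # plain local user
            addr = bare                          # may expose another address
            continue
        d = domain.lower().rstrip(".")
        if d in LOCAL_NAMES or any(d == r or d.endswith("." + r) for r in RELAY_TO):
            addr = local                         # drop the domain, look again
            continue
        return addr                              # a non-local domain remains

def check_rcpt(client_addr, rcpt):
    if not client_addr:
        return "ok"                              # no client addr: directly invoked
    if any(client_addr == p or client_addr.startswith(p + ".") for p in LOCAL_IP):
        return "ok"                              # from here
    left = remove_local(rcpt.strip("<>"))
    if split_addr(left)[1] is not None:
        return "550 we do not relay"             # still something left
    return "ok"

if __name__ == "__main__":
    for client, rcpt in [("", "someone@c.example"),
                         ("203.0.113.5", "someone@c.example"),
                         ("203.0.113.5", '"yourname@c.example"@[192.0.2.10]')]:
        print(repr(client), rcpt, "->", check_rcpt(client, rcpt))
```

The first sample pair passes for the reason the ruleset's own comment gives (no client address), which is why a check run without a remote client address says nothing about relaying.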