HPE Community
Operating System - HP-UX
1753543 Members
5575 Online
108795 Solutions
New Discussion юеВ

Re: sendmail anti-relaying

 
Bob Davis
Occasional Advisor

тАО11-21-2001 07:37 AM

тАО11-21-2001 07:37 AM

sendmail anti-relaying

Can someone tell me how to check anti-relaying in -bt mode?
If I enter

it passes. Should I be using another ruleset?

Is there another rule that could override the check_rcpt rule? I'm using 8.8.6.

Thanks.
0 Kudos
Reply
7 REPLIES 7
Christopher Caldwell
Honored Contributor

тАО11-21-2001 07:46 AM

тАО11-21-2001 07:46 AM

Re: sendmail anti-relaying

Uncomment the spam rulesets in sendmail.cf (they're marked - search for Spam).

It looks like you're missing check_relay/check_mail:

# The rules for supporting anti-spamming are check_mail, check_rcpt #
# and check_relay.
0 Kudos
Reply
Craig Rants
Honored Contributor

тАО11-21-2001 07:51 AM

тАО11-21-2001 07:51 AM

Re: sendmail anti-relaying

Bob,
Upgrade to 8.9.3 and anti-relaying is automatic. You can then specify in the /etc/mail/relay-domains file which domains you want to relay if any.

Even thought the patch for 8.9.3 has been recalled by HP, I would still use it. The reason it was recalled was that if it had more than 3000 concurrent connections it would fail. I don't know about you but our company is large and we don't get that may at a time.

Good Luck,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Bob Davis
Occasional Advisor

тАО11-21-2001 07:54 AM

тАО11-21-2001 07:54 AM

Re: sendmail anti-relaying

The spam rulesets are uncommented, they're just not working. The same cf file blocks relaying on a test box. I can block users and domains, but the anti-relaying isn't working. It's as if the remove_local isn't working.
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО11-21-2001 08:03 AM

тАО11-21-2001 08:03 AM

Re: sendmail anti-relaying

I assume you stop/started sendmail?

If so, why don't you post a sanitized version of sendmail.cf so we can have a look.
0 Kudos
Reply
someone_4
Honored Contributor

тАО11-21-2001 08:24 AM

тАО11-21-2001 08:24 AM

Re: sendmail anti-relaying

ok I just did this fix on 8.8.6.

Here is what you need to add and this will stop the relay.
Comment everything that you have for Scheck_rcpt and add this:

Scheck_rcpt
# first: get client addr
R$+ $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $* $@ ok no client addr: directly invoked
R$={LocalIP}$* $| $* $@ ok from here
# not local, check rcpt
R$* $| $* $: $>3 $2
# remove local part, maybe repeatedly
R$+ $:$>removelocal $1
# still something left?
R$*<@$+>$* $#error $@ 5.7.1 $: 550 we do not relay

Sremovelocal
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$* $>3 $1 $4
R$*<@$=w.>$* $: $>removelocal $>3 $1 $3
R$*<@$*>$* $@ $1<@$2>$3
# dequote local part
R$- $: $>3 $(dequote $1 $)
R$*<@$*>$* $: $>removelocal $1<@$2>$3

Also you can set up LocalIP and Local names dont forget to restart sendmail.
If you have problems post them. And make sure you back up your sendmail.cf file


0 Kudos
Reply
someone_4
Honored Contributor

тАО11-21-2001 08:31 AM - last edited on тАО05-17-2021 08:59 PM by

тАО11-21-2001 08:31 AM - last edited on тАО05-17-2021 08:59 PM by

Re: sendmail anti-relaying

Ohh ..
I misread your post. DOOH! ..
to test a mail hack from
telnet to your server to port 25.

ip.add.of.server 25
you will get
Trying...
Connected to ip.add.of.server.
Escape character is '^]'.

and then you will have a promt
type
helo mail.com
and you will get a hello back.
Then type
mail from:
you will get
250 ... Sender ok

then type
rcpt to:<"yourname@domain.com"@[ip.of.mail.server]>
you will get
250 >... Recipient ok
type
data
you will get
354 Enter mail, end with "." on a line by itself

then type your message end with a .

test
.
250 PAA24408 Message accepted for delivery
quit


Or you can go to http://www.ordb.org/
but if you fail then you will be denied..We were denied and I aplied that fix retested and passed,
let me know if you get it.

0 Kudos
Reply
Christopher Caldwell
Honored Contributor

тАО11-21-2001 10:12 AM

тАО11-21-2001 10:12 AM

Re: sendmail anti-relaying

BTW,
To test the anti-relaying ruleset on host A, you'll have to
1) be on host B that's not permitted to relay by hosta A
2) send a test e-mail that won't eventually get delivered to host A (i.e. host A would act as a relay).

If you're on host A (a.com), and you gen a message from someone@b.com to someone@c.com where neither b.com or c.com are considered local by host A, you won't trip the relay rulesets, since e-mail generated locally and delivered remotely won't be considered relayed, despite what envelope headers might indicate.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.