
Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's

 
Martin Borgman
Occasional Advisor

Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's

Hi Willem,

In the TCP/IP management guide you can read the following:

Relay-Based-On-Mx TRUE or FALSE.

If TRUE, the SMTP server accepts relays from unknown clients to recipients where the recipient's domain has an MX record naming the local host as a gateway.

The spam I'm referring to is targeted at users in my mail domain.

So this rule will not help.
Willem Grooters
Honored Contributor

Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's



so you'll have to block the outside world.

What you could do is to create your own RBL and specify that one, containing the addresses you know to be infected PCs. Daunting task - if the address is often changing!

How did you start SMTP by the way? /NORELAY, I think (not relaying as you said) but IIRC the default was /RELAY in an earlier version. And if your clients connect to your server for outgoing mail, it must be set up /RELAY (or am I mistaken?)
Willem Grooters
OpenVMS Developer & System Manager
Willem Grooters
Honored Contributor

Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's

Try to block:
alemail.com
*.outblaze.com
205.158.62.177
205.158.*.* (This may impose false positives - but chances are pretty low, I think)
Willem Grooters
OpenVMS Developer & System Manager
Martin Borgman
Occasional Advisor

Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's

Hi Willem,

> so you'll have to block the outside world.

Yes!

> What you could do is to create your own RBL and specify
> that one, containing the addresses you know to be
> infected PCs. Daunting task - if the address is often
> changing!

You can achieve the same thing by making them Bad-Clients

> How did you start SMTP by the way? /NORELAY, I think
> (not relaying as you said) but IIRC the default was
> /RELAY in an earlier version. And if your clients connect
> to your server for outgoing mail, it must be set up
> /RELAY (or am I mistaken?)

And I would like to add that the RELAY option is, in most cases, not the one you need to stop your server from relaying mail.
To answer the rest of your question:

TCPIP SMTP configuration data:
Server-Nodes : NYNODE
Queue-Name : TCPIP$SMTP_MYNODE_00
Alternate-Gateway :
General-Gateway :
Substitute-Domain :
Zone :
Postmaster-Alias : Postmaster
Postmaster-Forwards-To : SYSTEM
Foreign-Transport-Synonyms :
Initial-Interval : 0 00:30:00.00
Retry-Interval : 0 01:00:00.00
Retry-Maximum : 3 00:00:00.00
Receive-Timeout : 5
Retry-Address : 16
Hop-Count : 16
Symbiont-Snapshot-Blocks : 0
Receiver-Snapshot-Blocks : 0
Utilities-Snapshot-Blocks : 0
Send-Timeout-Init : 5
Send-Timeout-Mail : 5
Send-Timeout-Rcpt : 5
Send-Timeout-Data : 3
Send-Timeout-Term : 10
Log-Level : 2
Receiver-Debug : 0
Receiver-Trace : 0
Symbiont-Debug : 0
Symbiont-Trace : 0
Utilities-Debug : 0
Utilities-Trace : 0
EF-Debug-Level : 0
Channel-Debug-Level : 0
Header-Placement : TOP
Eightbit : FALSE
Relay : TRUE
Altgate-Always : FALSE
Mx-If-Noaltgate : FALSE
No-Mx : FALSE
No-Subs-Domain-Inbound : FALSE
Smtp-Jacket-Local : TRUE
Cent-Sign-Hack : TRUE
Nosey : TRUE
Log-Line-Numbers : FALSE
Memory-Debug : FALSE
Mail$Protocol-Debug : FALSE
CF-Debug : FALSE
Parse-Debug : FALSE
Deliver-VMS-Def-To : FALSE
Deliver-NoXVMS : FALSE
MTS-From-Hack : FALSE
Rewrite-MTS-From : FALSE
Local-Alias-Only : FALSE
Relay-Based-On-Mx : FALSE
Reject-Unbacktranslatable-IP : TRUE
Accept-Unqualified-Senders : FALSE
Accept-Unresolvable-Domains : FALSE
SFF-Requires-Priv : FALSE
8BitMIME-Hack : FALSE
Suppress-Version-Info : FALSE
Symbiont-Checks-Deliverability: TRUE

Other TCPIP SMTP environment data:
SMTP Software Username : TCPIP$SMTP
SMTP Software Default Director: SYS$SPECIFIC:[TCPIP$SMTP]
Symbiont Log File : SYS$SPECIFIC:[TCPIP$SMTP]TCPIP$SMTP_LOGFILE.LOG

And yes, this configuration does not relay mail as you can see in the relay test I ran a few days ago.
Martin Borgman
Occasional Advisor

Re: TCPIP$SMTP antispam; How to stop spam relayed through virus infected PC's

Hi Willem,

> try to block :
> alemail.com

Well, this part changes with every mail I receive. No point in blocking it.

> *.outblaze.com

Well, I tried mr.outblaze.com and it didn't help. I didn't expect it to help, but what the heck.

> 205.158.62.177
> 205.158.*.* (This may impose false positives - but
> chances are pretty low, I think)

This unfortunately doesn't work in the Reject-Mail-From setting.

By the way. To make any of the settings in SMTP.CONFIG work, you have to set the SMTP RELAY option.

TCPIP> SET CONFIGURATION SMTP /OPTION=RELAY
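
Added example, not part of the thread and not TCP/IP Services code: a small Python model of the two kinds of rule discussed above, showing why an IP pattern has no effect in a sender-pattern list while a client-address rule catches the same host whatever sender name it forges. The rule syntax (address/mask entries for client rules, `*` wildcards for sender patterns) and all sample sessions are assumptions constructed for illustration.

```python
import fnmatch
import ipaddress

# Constructed rule lists, modelled on the suggestions made in the thread.
# Client rules are compared with the connecting IP address (assumed CIDR form).
BAD_CLIENTS = ["205.158.62.177", "205.158.0.0/16"]
# Sender rules are compared with the envelope MAIL FROM string (assumed '*' wildcards).
REJECT_MAIL_FROM = ["*@alemail.com", "*@*.outblaze.com", "205.158.*.*"]

# Constructed sessions: (connecting client IP, envelope MAIL FROM address).
SESSIONS = [
    ("205.158.62.177", "abc@alemail.com"),             # listed host, listed sender
    ("205.158.62.177", "xyz@another-forged.example"),  # same host, new forged sender
    ("192.0.2.10", "colleague@partner.example"),       # unrelated legitimate mail
]


def client_blocked(client_ip, rules=BAD_CLIENTS):
    """True if the connecting address falls inside any listed address or network."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(rule, strict=False) for rule in rules)


def sender_blocked(mail_from, patterns=REJECT_MAIL_FROM):
    """True if the envelope sender string matches any wildcard pattern."""
    sender = mail_from.lower()
    return any(fnmatch.fnmatchcase(sender, p.lower()) for p in patterns)


def evaluate(sessions=SESSIONS):
    """Return (client_ip, mail_from, blocked_by_client_rule, blocked_by_sender_rule)."""
    return [(ip, frm, client_blocked(ip), sender_blocked(frm)) for ip, frm in sessions]


if __name__ == "__main__":
    for ip, frm, by_client, by_sender in evaluate():
        print(f"{ip:16} {frm:30} client-rule={by_client!s:5} sender-rule={by_sender}")
```

The second session is the case described in the thread: the sender domain changes with every message, so only the client-address rule still matches, and the `205.158.*.*` entry in the sender list never matches because it is compared with a mail address, not with the connecting IP.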