Franck a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
Une nouvelle version de mon script d'installation de qmail vient de
sortir. Beaucoup de correction de bugs dans cette nouvelle version.
Questionna stupida : quel avantage par rapport aux paquets debian.src ?
dpkg -l qmail* | grep ii
ii qmail 1.03-31 Secure, reliable, efficient, simple
mail tra
ii qmail-qfilter 1.5-2 qmail-queue filter front end
ii qmail-src 1.03-31 Source only package for building qmail
binar
ii qmailadmin 1.0.6-1 web interface for managing qmail with
virtua
ii qmailanalog-in 0.70-1 Installer package for building
qmailanalog b
ii qmailmrtg7 3.4-4 qmail mrtg graph generator
Bon, évidemment, ma question n'est pas tout à fait innocente, car j'ai
quelques soucis avec ledit qmail ;)
Une question en passant (heu, si quelqu'un d'autre sait répondre, je
n'ai rien contre :-p
Est-ce que qmail est en open-relay par défaut ? En effet, je viens de
recevoir ça (qmail installé depuis 1 semaine) :
Hi. This is the qmail-send program at bodhidharma.loka.
# bodhidharma.loka est ma passerelle/firewall qui héberge également
qmail
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<root@mx1.apol.com.tw>:
Connected to 203.79.224.112 but sender was rejected.
Remote host said: 550 5.0.0 Not allow access from 81.185.160.10 at
20040511-20:35:42
# 81.185.160.10 => mon IP du moment
--- Below this line is a copy of the message.
Return-Path: <nobody@bodhidharma.loka>
Received: (qmail 18497 invoked from network); 11 May 2004 12:36:50 -0000
Received: from unknown (HELO mx1.apol.com.tw) (203.79.224.112)
by 81.185.160.10 with SMTP; 11 May 2004 12:36:50 -0000
To: root@mx1.apol.com.tw
From: nobody@[81.185.160.10]
Subject: test for susceptibility to third-party mail relay
Date: Tue, 11 May 2004 12:34:02 GMT
Message-Id: <rlytest-1084278842-6299@mx1.apol.com.tw>
Sender: root@mx1.apol.com.tw
This message is a test probe, to ensure that your mail server is secured
against third-party mail relay. This is NOT an attempt to hack or
crack your system, but just to ensure the system are secured against
this common vulnerability. This test usually is performed by a system
administrator who is trying to determine the source of a spam email.
A well-configured mail server should NOT relay third-party email.
Otherwise, the server is subject to attack and hijack by Internet vandals
and spammers. For information on how to secure a mail server against
third-party relay, visit <URL: http://mail-abuse.org/tsi/>.
This probe was generated by the "rlytest" utility. For more information,
visit <URL: http://www.unicom.com/sw/rlytest/>.
Target host = 81.185.160.10
Test performed by <root@mx1.apol.com.tw>
If you have any concern about this test, please contact the person listed
in the "test performed by" line above.
En complément, je trouve, dans mes logs de qmail pas mal de messages
avec une erreur 550 (610 ce matin) et )évidemment, ce n'est pas moi qui
les ai envoyés :(
D'où ma question, qui a un complément : comment faire pour ne plus être
en open-relay (si tel est le cas)... Bien sûr, je peux envoyer une
partie des logs concernés pour info, si besoin est.
Claude