Re: how to make sure that anti-relaying is in place
On Fri, Jul 05, 2002 at 12:27:26PM -0500, Derrick 'dman' Hudson wrote:
> On Fri, Jul 05, 2002 at 12:16:24PM -0400, Travis Crump wrote:
>
> | I tried this and it gave me:
> | :Relay test: #Test 9
> | >>> mail from: <spamtest@207-8-229-57.pe2996-1.ppp.talon.net>
> | <<< 250 <spamtest@207-8-229-57.pe2996-1.ppp.talon.net> is syntactically
> | correct
> | >>> rcpt to: <nobody%mail-abuse.org@[207.8.229.57]>
> | <<< 250 <nobody%mail-abuse.org@[207.8.229.57]> is syntactically correct
> | >>> QUIT
> | <<< 221 Pretzalz closing connection
> | Tested host banner: 220 Pretzalz ESMTP Exim 3.35 #1 Fri, 05 Jul 2002
> | 12:12:09 -0400
> | System appeared to accept 1 relay attempts
> |
> | Is this something to be concerned about?
>
> Yes.
>
> (from spec.txt , exim v3)
>
> percent_hack_domains Type: domain list Default: unset
>
> The 'percent hack' is the convention whereby a local part containing a
> percent sign is re-interpreted as a remote address, with the percent
> replaced by @. This is sometimes called 'source routing', though that term
> is also applied to RFC 822 addresses that begin with an @ character. If
> this option is set, Exim implements the percent facility for those local
> domains listed, but no others. The option can be set to '*' to allow the
> percent hack for all local domains.
>
> If options are set to control message relaying from incoming SMTP
> envelopes, they are also applied to relaying that is requested via the
> 'percent hack'. See section 46.4.
>
>
>
> set
>
> percent_hack_domains = :
>
> in your exim.conf to disable that sort of relaying.
>
> -D
Thank you for your help (here and elsewhere). This particular fix
made no difference for our setup, with default (but slightly out of
date) exim configuration files. I regenerated the config files and
found that the addition of:

# Attempt to verify recipient address before receiving mail, so that mails
# to invalid addresses are rejected rather than accepted and then bounced.
# Apparently some spammers are abusing servers that accept and then bounce
# to send bounces containing their spam to people.
receiver_try_verify = true

in the newer config file made the difference. Our site now passes all
the "telnet relay-test.mail-abuse.org" tests.
--Pete
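
A small model of the two settings discussed in this thread, added here as an illustration and not taken from Exim or from either poster: it applies the percent hack as the quoted spec text describes it, then decides one RCPT TO with and without recipient verification. The function names, the local domain list and the user list are assumptions; only the recipient address comes from the relay test output above.

```python
# Simplified model of RCPT handling for the addresses in this thread.
# Not Exim's code: all function and parameter names are hypothetical.

def split_address(addr):
    """Split '<local@domain>' on the last '@'."""
    local, sep, domain = addr.strip().strip("<>").rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not a local@domain address: {addr!r}")
    return local, domain.lower()

def resolve(rcpt, local_domains, percent_hack_domains):
    """Apply the percent hack; return (local_part, domain, is_remote).

    Assumption: the rightmost '%' is the one rewritten, and rewriting
    repeats while the new domain is itself a percent-hack domain.
    """
    local, domain = split_address(rcpt)
    local_set = {d.lower() for d in local_domains}
    hack = {d.lower() for d in percent_hack_domains}
    for _ in range(8):  # bound nested user%a%b@c chains
        enabled = domain in local_set and ("*" in hack or domain in hack)
        if not enabled or "%" not in local:
            break
        local, _, domain = local.rpartition("%")
        domain = domain.lower()
    return local, domain, domain not in local_set

def rcpt_decision(rcpt, local_domains, percent_hack_domains,
                  local_users, verify_recipient, relay_allowed=False):
    """Return 'accept' or 'reject' for one RCPT TO."""
    local, domain, is_remote = resolve(rcpt, local_domains, percent_hack_domains)
    if is_remote:
        return "accept" if relay_allowed else "reject"
    if verify_recipient and local not in local_users:
        return "reject"  # unknown local part refused during SMTP
    return "accept"      # accepted now; an unknown user would bounce later

# Constructed sample values, apart from the recipient quoted in the thread.
RCPT = "<nobody%mail-abuse.org@[207.8.229.57]>"
LOCAL_DOMAINS = ["[207.8.229.57]"]
LOCAL_USERS = {"pete", "postmaster"}

if __name__ == "__main__":
    for hack, verify in ((["*"], False), ([], False), ([], True)):
        print(hack, verify, resolve(RCPT, LOCAL_DOMAINS, hack),
              rcpt_decision(RCPT, LOCAL_DOMAINS, hack, LOCAL_USERS, verify))
```

In this model, an empty percent-hack list leaves the test address as a local address whose local part is unknown, so it is refused at RCPT time only when recipient verification is on.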