
Re: how to make sure that anti-relaying is in place



On Fri, Jul 05, 2002 at 12:27:26PM -0500, Derrick 'dman' Hudson wrote:
> On Fri, Jul 05, 2002 at 12:16:24PM -0400, Travis Crump wrote:
> 
> | I tried this and it gave me:
> | :Relay test: #Test 9
> | >>> mail from: <spamtest@207-8-229-57.pe2996-1.ppp.talon.net>
> | <<< 250 <spamtest@207-8-229-57.pe2996-1.ppp.talon.net> is syntactically 
> | correct
> | >>> rcpt to: <nobody%mail-abuse.org@[207.8.229.57]>
> | <<< 250 <nobody%mail-abuse.org@[207.8.229.57]> is syntactically correct
> | >>> QUIT
> | <<< 221 Pretzalz closing connection
> | Tested host banner: 220 Pretzalz ESMTP Exim 3.35 #1 Fri, 05 Jul 2002 
> | 12:12:09 -0400
> | System appeared to accept 1 relay attempts
> | 
> | Is this something to be concerned about?
> 
> Yes.
> 
> (from spec.txt, exim v3)
> 
> percent_hack_domains          Type: domain list                Default: unset
> 
>     The 'percent hack' is the convention whereby a local part containing a
>     percent sign is re-interpreted as a remote address, with the percent
>     replaced by @. This is sometimes called 'source routing', though that term
>     is also applied to RFC 822 addresses that begin with an @ character. If
>     this option is set, Exim implements the percent facility for those local
>     domains listed, but no others. The option can be set to '*' to allow the
>     percent hack for all local domains.
> 
>     If options are set to control message relaying from incoming SMTP
>     envelopes, they are also applied to relaying that is requested via the
>     'percent hack'. See section 46.4.
> 
> 
> 
> set
> 
> percent_hack_domains = :
> 
> in your exim.conf to disable that sort of relaying.
> 
> -D

Thank you for your help (here and elsewhere).  This particular fix
made no difference for our setup, with default (but slightly out of
date) exim configuration files.  I regenerated the config files and
found that the addition of:

	# Attempt to verify recipient address before receiving mail, so that mails
	# to invalid addresses are rejected rather than accepted and then bounced.
	# Apparently some spammers are abusing servers that accept and then bounce
	# to send bounces containing their spam to people.

	receiver_try_verify = true

in the newer config file made the difference.  Our site now passes all
the "telnet relay-test.mail-abuse.org" tests.

--Pete
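
The check the relay tester performed above can be repeated offline against a saved transcript. The following is an added example, not part of the original messages and not Exim code: it applies the percent-hack rewrite described in the quoted spec text to each `rcpt to:` address and reports any that the server accepted with a 2xx reply while the effective destination is not a local domain. The function names are hypothetical, the transcript is constructed from the exchange quoted in the thread, and the local domain list (the tested host's address literal) is an assumption.

```python
import re

# Constructed sample: the exchange quoted in the thread, one SMTP line per entry.
TRANSCRIPT = [
    ">>> mail from: <spamtest@207-8-229-57.pe2996-1.ppp.talon.net>",
    "<<< 250 <spamtest@207-8-229-57.pe2996-1.ppp.talon.net> is syntactically correct",
    ">>> rcpt to: <nobody%mail-abuse.org@[207.8.229.57]>",
    "<<< 250 <nobody%mail-abuse.org@[207.8.229.57]> is syntactically correct",
    ">>> QUIT",
    "<<< 221 Pretzalz closing connection",
]
RCPT = re.compile(r"^>>>\s*rcpt to:\s*<([^>]*)>", re.I)
REPLY = re.compile(r"^<<<\s*(\d{3})")


def percent_hack_target(rcpt, local_domains):
    """Address a percent-hack rewrite would deliver to, or None if not applicable."""
    local_part, sep, domain = rcpt.rpartition("@")
    if not sep or domain.lower() not in local_domains or "%" not in local_part:
        return None
    # Assumption: the last percent sign is the one replaced by @.
    user, _, remote = local_part.rpartition("%")
    return f"{user}@{remote}"


def accepted_relays(lines, local_domains):
    """Return (rcpt, effective address) for 2xx-accepted non-local recipients."""
    local = {d.lower() for d in local_domains}
    findings, pending = [], None
    for line in lines:
        rcpt = RCPT.match(line)
        if rcpt:
            pending = rcpt.group(1)
            continue
        reply = REPLY.match(line)
        if reply and pending is not None:
            effective = percent_hack_target(pending, local) or pending
            domain = effective.rpartition("@")[2].lower()
            if reply.group(1).startswith("2") and domain not in local:
                findings.append((pending, effective))
            pending = None
    return findings


if __name__ == "__main__":
    for rcpt, effective in accepted_relays(TRANSCRIPT, ["[207.8.229.57]"]):
        print(f"accepted {rcpt} -> would relay to {effective}")
```

A 2xx reply to `rcpt to:` only shows that the address was accepted at SMTP time, which is what the relay tester counts; it does not by itself show that the message would be delivered onward.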

