Re: how to make sure that anti-relaying is in place
Derrick 'dman' Hudson(dman@dman.ddts.net) is reported to have said:
> On Fri, Jul 05, 2002 at 12:16:24PM -0400, Travis Crump wrote:
>
> | I tried this and it gave me:
> | :Relay test: #Test 9
> | >>> mail from: <spamtest@207-8-229-57.pe2996-1.ppp.talon.net>
> | <<< 250 <spamtest@207-8-229-57.pe2996-1.ppp.talon.net> is syntactically
> | correct
> | >>> rcpt to: <nobody%mail-abuse.org@[207.8.229.57]>
> | <<< 250 <nobody%mail-abuse.org@[207.8.229.57]> is syntactically correct
> | >>> QUIT
> | <<< 221 Pretzalz closing connection
> | Tested host banner: 220 Pretzalz ESMTP Exim 3.35 #1 Fri, 05 Jul 2002
> | 12:12:09 -0400
> | System appeared to accept 1 relay attempts
> |
> | Is this something to be concerned about?
>
> Yes.
>
> (from spec.txt , exim v3)
>
> percent_hack_domains Type: domain list Default: unset
>
> The 'percent hack' is the convention whereby a local part containing a
> percent sign is re-interpreted as a remote address, with the percent
> replaced by @. This is sometimes called 'source routing', though that term
> is also applied to RFC 822 addresses that begin with an @ character. If
> this option is set, Exim implements the percent facility for those local
> domains listed, but no others. The option can be set to '*' to allow the
> percent hack for all local domains.
>
> If options are set to control message relaying from incoming SMTP
> envelopes, they are also applied to relaying that is requested via the
> 'percent hack'. See section 46.4.
>
>
>
> set
>
> percent_hack_domains = :
>
> in your exim.conf to disable that sort of relaying.
Not here dman.
:Relay test: #Test 9
>>> mail from: <spamtest@ip-209-23-97-177.modem.logical.net>
<<< 250 <spamtest@ip-209-23-97-177.modem.logical.net> is syntactically correct
>>> rcpt to: <nobody%mail-abuse.org@[209.23.97.177]>
<<< 250 <nobody%mail-abuse.org@[209.23.97.177]> verified
>>> QUIT
<<< 221 susie closing connection
Tested host banner: 220 susie ESMTP Exim 3.35 #1 Fri, 05 Jul 2002 18:40:09 -0400
System appeared to accept 1 relay attempts
I added your above suggestion and it stays the same after an exim force-reload.
I also changed smtp_verify = true & false and still get Test 9 working.
Anything else that I might have wrong?
Wayne
--
DOS Tip #1: Add DEVICE=FNGRCROS.SYS to CONFIG.SYS
_______________________________________________________
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: