On Thu, Jul 18, 2002 at 08:57:58AM -0500, Kent West wrote:
| My network security honcho just came in and told me that according to
| ORDB, my Debian box is an open relay. Am I really a relay, and how do I
| tighten up the security if I am? Thanks!
|
| Here's the message that ORDB sent to me:
| >For details about the test results, please refer to
| ><http://ORDB.org/lookup/?host=150.252.128.51>.
The reason is this :
X-ORDB-Envelope-To: marvin%marvin.ordb.org@westek.acu.edu
You're susceptible to the "percent hack" thing. Remember test #9 from
a few weeks ago? The domain literal setting has nothing to do with
it. It would _appear_ to be fixed to that tester because it didn't
know your actual domain. (there is no domain literal in the above
address, hence that setting has no effect on it)
| Here's what I think are probably the relevant snippets from my
| /etc/exim/exim.conf file:
|
| ># Domains we relay for; that is domains that aren't considered local but
| >we # accept mail for them.
| >
| >#relay_domains =
You can uncomment this and leave it set to the empty list (which it
should be by default anyways).
What about "percent_hack_domains"?
Also can you post all the log entries relating to 17V0Qg-00019a-00?
-D
--
A perverse man stirs up dissension,
and a gossip separates close friends.
Proverbs 16:28
http://dman.ddts.net/~dman/
Attachment:
pgp3dZYrpJJBf.pgp
Description: PGP signature