Re: How to close an open relay (exim3)?
In article <firstname.lastname@example.org>,
gerhard <email@example.com> wrote:
>:Relay test: #Test 9
>>>> mail from: <spamtest@A2469.a.pppool.de>
><<< 250 <spamtest@A2469.a.pppool.de> is syntactically correct
>>>> rcpt to: <firstname.lastname@example.org>
><<< 250 <email@example.com> verified
><<< 221 debian closing connection
>Tested host banner: 220 debian ESMTP Exim 3.36 #1 Fri, 28 Jan 2005
>System appeared to accept 1 relay attempts
>Connection closed by foreign host.
>does "System appeared to accept 1 relay attempts
>Connection closed by foreign host." mean, that exim rejected the mail
>internaly after accept it to relay the mail, or is my exim an open
>relay (if the firewall isn't up).
The former. The standard exim assumes "nobody%mail-abuse.org" is
a so-called "local part" and the validity of local-parts is not
tested at SMTP time with the default Debian config (which I
think is the wrong default, but hey).
Add this to the "main" part (first part) of you exim.conf file:
# Verify addresses in the SMTP stage
receiver_try_verify = true
Restart exim, and test again. However the test may still
succeed if exim decides ggrubbish%web.de is actually
a valid local address (as it seems to do based on the
next test, below). No reason to panic.
>An other non-anonymous test
>resulted in the following outcome:
> Hmmn, at first glance, host appeared to accept a message for relay.
> THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY.
>but I received the mail :-(, and I'm sure, that I had during the whole
>process of the test the same IP-address (I'm using a dial-up
Well, you're not an open relay, your system simply accepted the
message. Something in your local configuration (perhaps
rewrite rules) makes exim decide that firstname.lastname@example.org
is a local address, to be delivered locally to ggrubbish.
>Here is the header of the mail I received:
> Envelope-to: email@example.com
> Received: from localhost
> ([127.0.0.1] helo=amavis ident=amavis)
> by debian with esmtp (Exim 3.36 #1 (Debian))
> id 1Cr12c-0005ia-00
> for <firstname.lastname@example.org>; Tue, 18 Jan 2005 22:37:34
> Received: from debian ([127.0.0.1])
> by amavis (debian [127.0.0.1]) (amavisd-new, port 10024) with
> id 21874-02 for <email@example.com>;
> Tue, 18 Jan 2005 22:37:26 +0100 (CET)
> Received: from www.abuse.net ([18.104.22.168])
> by debian with smtp (Exim 3.36 #1 (Debian))
> id 1Cr12U-0005iO-00
> for <firstname.lastname@example.org>; Tue, 18 Jan 2005 22:37:26
Yup, not a relay (it's not getting sent _out_ again).