Re: How to close an open relay (exim3)?
In article <[🔎] 200501292026.53365.ggrubbish@web.de>,
gerhard <ggrubbish@web.de> wrote:
>But there's another thing that appeared this afternoon while retesting
>the situation:
>
># exim -bh 172.181.203.112
>
>**** SMTP testing session as if from host 172.181.203.112
>**** Not for real!
>
>>>> host in host_lookup? yes (*)
>>>> looking up host name for 172.181.203.112
>>>> IP address lookup yielded acb5cb70.ipt.aol.com
>>>> host in host_reject? no (option unset)
>>>> host in host_reject_recipients? no (option unset)
>>>> host in rbl_hosts? yes (0.0.0.0/0)
>>>> checking RBL domain blackholes.mail-abuse.org/reject
>>>> RBL lookup for 112.203.181.172.blackholes.mail-abuse.org failed
>>>> => that means it's not black listed at blackholes.mail-abuse.org
>
>I felt strange about the behavior of exim while I got a dial-up
>connection to compuserve/AOL.
You tested a connection from AOL to your PC.
>Compuserve/AOL got an IP range from 172.128.0.0 to 172.191.255.255
>according to the whois database.
>
>Extract from the 1st section of my exim.conf:
>
> rbl_hosts = !192.168.0.0/24:0.0.0.0/0
>|---------------------------^^^^ ok should be 172.16.0.0/24, but
>because of that it's even stranger, that AOL IP's matches.
> recipients_reject_except = postmaster@workgroup.home
> host_accept_relay = 127.0.0.1 : ::::1 : 172.16.240.0/24
>|-----------------------------------------------------------^^^ here you
>can see explicit 172.16.240.0/24 and not that address range from AOL
> 172.128.0.0 - 172.191.255.255
Well, 172.181.203.112 matches 0.0.0.0/0 so that's why it's being
tested for RBL. rbl_hosts = !192.168.0.0/24:0.0.0.0/0 means
"all hosts except 192.168.0.0/24"
Mike.
Reply to: