also sprach Ralf Hildebrandt <[EMAIL PROTECTED]> [2002.03.21.0743 +0100]: > postfix/smtpd[6023]: connect from host074125.arnet.net.ar [200.45.74.125] > postfix/smtpd[6023]: 6937F1673D: client host074125.arnet.net.ar[200.45.74.125] > postfix/cleanup[6024]: 6937F1673D: message-id=3D<[EMAIL PROTECTED]> > postfix/qmgr[31979]: 6937F1673D: from=<[EMAIL PROTECTED]>,size=3D5880, > nrcpt=3D25 (queue active) > postfix/smtp[6038]: 6937F1673D: to=<[EMAIL PROTECTED]>, > relay=mailin-02.mx.aol.com[64.12.136.121], delay=7, status=sent (250 OK) > > For some strange reason you must be relaying for either "cs.com" > (check relay_domains!) or for 200.45.74.125 or for "ar", "net.ar", > "arnet.net.ar"
the log entries do not include TLS negotiation, so it's cleartext and thus subject to mynetworks or relay_domains relaying, relay_clientcerts is not an issue. let's inspect: [EMAIL PROTECTED]:~# postconf mynetworks mynetworks = 127.0.0.0/8 [EMAIL PROTECTED]:~# postconf mydomain mydomain = madduck.net [EMAIL PROTECTED]:~# postconf myhostname myhostname = seamus.madduck.net [EMAIL PROTECTED]:~# postconf mydestination mydestination = localhost.$mydomain, $myhostname, hash:$db_dir/mydestination.hash [EMAIL PROTECTED]:~# grep "^db_dir" /etc/postfix/main.cf db_dir = /etc/postfix/db [EMAIL PROTECTED]:~# cat /etc/postfix/db/mydestination.hash madduck.net OK mail.madduck.net OK lists.madduck.net OK dyn.madduck.net OK mail.dyn.madduck.net OK [EMAIL PROTECTED]:~# postconf relay_domains relay_domains = hash:$db_dir/relays.hash diamond.madduck.net OK mail2.madduck.net OK > What's in hash:$db_dir/access.hash ? nothing: [EMAIL PROTECTED]:~# ls -l /etc/postfix/db/access.hash -rw-r--r-- 1 root root 0 Sep 16 2001 access.hash so no, it's a closed relay. > Maybe permit_naked_ip_address ? that seems to be the only possibility, and: 220 seamus.madduck.net ESMTP "welcome to the machine..." ehlo 130.58.218.7 250-seamus.madduck.net 250-PIPELINING 250-SIZE 5120000 250-ETRN 250-STARTTLS 250-XVERP 250 8BITMIME mail from: <[EMAIL PROTECTED]> 250 Ok rcpt to: <[EMAIL PROTECTED]> 250 Ok data 354 End data with <CR><LF>.<CR><LF> oh no! . 250 Ok: queued as D4A5B1673D quit 221 Bye (i didn't actually send that email), but yes, permit_naked_ip_address in the right place, and you can forget your UCE filters! wow, that's quite a slap in the face. i am glad i was able to fix that before being the biggest open relay out there... -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] "when i tell a robot to get me a beer, i don't want it horsing around. i want it to get a beer." -- joseph k. engelberger
pgpbZaN2iMHsI.pgp
Description: PGP signature
