Thanks very much for the quick, on target replies.
It turns out that the situation with AOL has to do with a reverse-DNS issue (even though my server has been running for a long long time and the configuration hasn't changed, they decided to get picky about it now). Nonetheless, I think I'd like to address the problem that you guys have brought up.
I added the host name to the /var/qmail/supervise/qmail-smtpd/run file and re-ran the tests from http://spamlart.homeunix.org and got the same results (a lot of "Potential Vulnerabilities"). I guess I need to "grab the 0.5 patch from shupp.org. You'll have to patch a fresh copy of qmail." I hate to be too dense here, but are there some instructions for doing this to a live mail server? I'd really like to avoid demolishing something that works well. Is this something I should do in the middle of the night? Are there any non-obvious configuration files that need to be backed up first?
Thanks again for all your help - it is very much appreciated.
Andy
On Friday, September 26, 2003, at 11:21 AM, Bill Shupp wrote:
On Thursday, September 25, 2003, at 10:14 AM, Andy Drexler wrote:
I've been running the toaster configuration of qmail for over a year and it has been great. Yesterday, however, I discovered that AOL had decided to block my server because, in their words:
Remote host said: 554-(RLY:B1) The information presently available to AOL indicates this
554-server is generating high volumes of member complaints from AOL's
554-member base. Based on AOL's Unsolicited Bulk E-mail policy at
554-http://www.aol.com/info/bulkemail.html AOL may not accept further
554-e-mail transactions from this server or domain. For more information,
554 please visit http://postmaster.info.aol.com.
I'm not going to try again; this message has been in the queue too long.
Yes, you are an open relay due to the smtp-auth bug. You are missing the "hostname" argument to qmail-smtpd. I think that my early toaster setup was missing this, as it used the old qmail-toaster patch. Here's evidence of my relay test:
$ telnet 64.186.170.70 25 Trying 64.186.170.70... Connected to 64-186-170-70-cust.nextweb.net. Escape character is '^]'. 220 mail2.smartsite.net ESMTP auth login 334 VXNlcm5hbWU6 VXNlcm5hbWU6 334 UGFzc3dvcmQ6 UGFzc3dvcmQ6 235 ok, go ahead (#2.0.0) mail from: [EMAIL PROTECTED] 250 ok rcpt to: [EMAIL PROTECTED] 250 ok data 354 go ahead test . 250 ok 1064599919 qp 18947 quit 221 mail2.smartsite.net Connection closed by foreign host.
So, here's what you need to do:
Edit your "run" file, and add your hostname *after* qmail-smtpd,but before vchkpw. Then restart qmail-smtpd. If that fails, then grab the 0.5 patch from shupp.org. You'll have to patch a fresh copy of qmail.
Regards,
Bill Shupp
Andy Drexler [EMAIL PROTECTED] (650) 948-4217
