Hi there, I'm a qmail newbie switching from being a sendmail administrator for 4 years, and something is concerning me, and it's the smtp security. In the logs in /var/log/qmail/current I see that there are some connections from weird servers that the server allows to send mail to other hosts that are not in my rcpthosts file after they retry several times. When I telnet to it thru port 25 and try to send mail to other hosts rather than the ones that I have in my server, it sends me the denial message (as is suppoused to do with everybody) but, then how come some other people is allowed to send mail thru my mail server even if the receiver isn't in the rcpthosts file?
Take a look at this:
1) the spammer gets into the server
-------------------
@400000003ed438a30a3238cc info msg 187843: bytes 3475 from <homeloan8894rmov@aol.com> qp 16744 uid 1018
-------------------
2) the server sends the first message of denial
-------------------
@400000003ed408bf25c257fc delivery 123: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
@400000003ed408bf25c2967c status: local 0/10 remote 0/20
-------------------
3) after retrying lots of times, somehow the server allows the message to be send and of course that argentina.com isn't in my rcpthosts file
-------------------
@400000003ed41381256c585c starting delivery 124: msg 187843 to remote
s4y@argentina.com
@400000003ed41381256c9ac4 status: local 0/10 remote 1/20
@400000003ed4154710ad95ac delivery 124: success: 200.68.207.253_accepted_message./Remote_host_said:_250_Ok:_queued_as_6B221689
C0/
-------------------
How do I tell qmail to only allow smtp (send mail) connections in my network? for example, just the people using 192.168.0.* and refuse everybody else? I have read the Life with qmail and many other documentation books but, all they talk is this rcpthosts file, nothing else...
Thanx for the help
Juan Hernandez