LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-01-2004, 05:14 AM   #1
varunbihani
Member
 
Registered: Jul 2003
Location: indore, india
Posts: 69

Rep: Reputation: 15
Stop Open Relay


Would someone please tell me how to close the "relay"...I am getting hosed from lots of junk mails. Don't know what else to try???
I have sendmail 8.9.3 version
 
Old 01-01-2004, 05:36 PM   #2
kbcnetau
Member
 
Registered: Dec 2003
Location: South Australia (ex-Devon, UK)
Distribution: SuSE, Slackware, Fedora, Debian, Knoppix
Posts: 141

Rep: Reputation: 15
Sendmail can work with DNS-based blacklists. Note - any blacklisting system runs the risk of giving 'false positives' and rejecting legitimate mail.

I use <http://www.spamcop.net>

Hope this helps.
 
Old 01-01-2004, 09:16 PM   #3
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
I would not keep an open relay even if it co-operates with spammer databases.
There is always a chance that a spammer not being in the database happens to send some hundred thousand letters via your relay.
Then you could easily find yourself blacklisted on the internet.

But can you distribute security certificates to your users?
If so, then you could setup your server to only allow relaying for those who have the certificate.

Last edited by J_Szucs; 01-01-2004 at 09:20 PM.
 
Old 01-01-2004, 09:51 PM   #4
ezra143
Member
 
Registered: Aug 2003
Location: NY
Distribution: RH9, RH8, Slack, Vector
Posts: 497

Rep: Reputation: 31
i may be reading wrong, but are you getting tons of spam, or are you being used as a relay to SEND tons of spam?

Try spam assasin if it is you getting the mail. If your are RELAYING the mail to other MTA's, then you should look at your hosts-allow file (or something like that)
 
Old 01-01-2004, 10:07 PM   #5
kbcnetau
Member
 
Registered: Dec 2003
Location: South Australia (ex-Devon, UK)
Distribution: SuSE, Slackware, Fedora, Debian, Knoppix
Posts: 141

Rep: Reputation: 15
Yes, I think that I may have mis-interpreted the original post; my advice was based on varunbihani's mail server receiving a lot of spam - not that it was configured as an 'open relay' and RELAYING as opposed to just RECEIVING. [A relay is when the server sends the mail out again to somewhere else, rather than the user having to pick their mail up from that server.]

If sendmail came as part of a distribution, I would imagine the security to be set up fairly well without having to touch anything. If, however, varunbihani has compiled Sendmail from source, it is possible that the problem is RELAYING not RECEIVING. If this really is the problem, there is information from mail-abuse.org:
<http://mail-abuse.org/tsi/ar-fix.html#sendmail_8>
 
Old 01-02-2004, 02:17 AM   #6
lucastic
Member
 
Registered: Aug 2003
Location: Oz
Distribution: Gentoo - Debian
Posts: 202

Rep: Reputation: 30
var*,

if you are afraid you may have an open relay you can test it at:

http://www.abuse.net/relay.html


good luck

Lucas
 
Old 01-02-2004, 02:24 AM   #7
varunbihani
Member
 
Registered: Jul 2003
Location: indore, india
Posts: 69

Original Poster
Rep: Reputation: 15
Actually I want to know how do I stop relaying on my server so that no one else can send mail from my server other than my authorised users.
 
Old 01-02-2004, 09:35 AM   #8
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
You did not answer my question: are you in the position to distribute security certificates to your clients?
If so, there is a greate article at this forum, showing how to setup a secure smtps server (and more):
http://www.linuxquestions.org/questi...ticle&artid=50

The greatest thing with that setup is that it uses stunnel. Once you configured stunnel correctly for one secure service, you can configure other secure services (pop3s, https, etc.) in one minute: just start a new stunnel daemon for the new service with the corresponding port pairs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I not use open relay? Red Squirrel Linux - Networking 2 08-20-2005 11:31 PM
Open relay gubak Linux - Networking 1 08-25-2004 01:02 PM
How can I tell if my sendmail is an open relay.. Bjorkli Linux - Networking 1 05-28-2004 03:35 AM
Open Relay valnarability? mikeshn Linux - Security 16 02-19-2004 10:13 PM
open relay slack66 Linux - Security 1 09-28-2003 08:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:32 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration