LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Qmail: Am I an open relay? (https://www.linuxquestions.org/questions/slackware-14/qmail-am-i-an-open-relay-441679/)

mustangfanatic01 05-04-2006 04:30 PM
Qmail: Am I an open relay?
 
I setup a mail server based off of the walkthrough at www.qmailrocks.org. Looking through my nightly 24-hour report I am a little concerned about the SMTP sessions.

==> Server Report

External SMTP sessions: 17996
Internal SMTP sessions: 25
SMTP msgs dropped: 2080
Scan Errors: 0
Non-MIME or text/plain (msgs): 550
MIME (msgs): 15390
Average scan time/msg (secs): 6.63153
QMS WC bad char (msgs): 0
QMS WC header breakage (msgs): 14
QMS WC bad MIME hdr (msgs): 0
QMS WC bad MIME content (msgs): 2
QMS WC bad MIME filename (msgs): 0
QMS WC bad MIME boundary (msgs): 0
QMS WC bad MIME assoc (msgs): 2
QMS WC bad MIME windows file (msgs): 0
QMS WC bad zip file (msgs): 0
PERLSCAN bad MIME hdr (msgs): 0
PERLSCAN bad hdr found in db (msgs): 0
PERLSCAN bad attach length (msgs): 0
PERLSCAN bad attachment type (msgs): 6
UNZIP password protected (msgs): 0
CLAMAV virus found (msgs): 15
SPAM deleted (msgs): 9833
SPAM detected (msgs): 499
SPAM quarantined (msgs): 0
SPAM rejected (msgs): 0

People using my email only need to use pop (everyone uses Outlook, Thunderbird, etc..) and sending of mail is handled by our business smtp server compliments of AT&T. I do have squirrelmail setup so people can check their email if they are away from their desk. Given the stats there are there zombie machines sending emails through my machine? What can I do to learn more about this, and stop it if such is the case? Thanks!

gilead 05-04-2006 05:26 PM
You can test whether you have an open relay at http://www.ordb.org/submit/. You'll need to provide your IP address and an email address and they'll test your mail server for you...

raska 05-04-2006 05:34 PM
by default qmail is not an open relay, what does your /etc/tcp.smtp file have?

anything different to
Code:
127.:allow,RELAYCLIENT=""
could mean trouble

also check in /var/qmail/control the file rcpthosts, it should not be different to the locals file (at the default installation, one is copied to the other)

mustangfanatic01 05-04-2006 05:47 PM
I checked both of the files mentioned above and looks good. Waiting on email from OBDB to find out further. I'm just wondering why my server has so many external smtp sessions.

bathory 05-05-2006 02:24 AM
You can also test your mail server for open relay here without waiting for confirmation emails

Regards

mustangfanatic01 05-05-2006 10:53 AM
Thanks guys, ORDB says i'm not an open relay :)


All times are GMT -5. The time now is 05:08 AM.