how to stop spam relaying?
I have set up some anti-spamming rules in my smtp-policy files, but it
looks like someone was actually able to use my system as a spam relay.
Here are the logs:
3049# connection from usr1-dialup51.mix1.Bloomington.mci.net ident: TIMEDOUT [port 1087]
3049w 220 gate ZMailer Server 2.99.49p8 #1 ESMTP+IDENT ready at Sat, 24 Jan 1998 15:22:45 -0700
3049# remote from [166.55.19.51]
3049r HELO ccweb.ccweb.com
3049w 250 gate.mcc.net expected "HELO usr1-dialup51.mix1.Bloomington.mci.net"
3049r RSET
3049w 250 2.0.0 Ok
3049r MAIL FROM:<guhio71@msn.com>
3049w 250 2.1.0 Sender syntax Ok
3049r RCPT TO:<2001199@mcimail.com>
3049w 250 2.1.5 Recipient address syntax Ok
3049r RCPT TO:<2001198@mcimail.com>
3049w 250 2.1.5 Recipient address syntax Ok
3049r RCPT TO:<2001197@mcimail.com>
.....
.....
.....
.....
3049r RCPT TO:<2001101@mcimail.com>
3049w 250 2.1.5 Recipient address syntax Ok
3049r RCPT TO:<2001100@mcimail.com>
3049w 250 2.1.5 Recipient address syntax Ok
3049r DATA
3049w 354 Start mail input; end with <CRLF>.<CRLF>
3049w 250 2.6.0 S.omabe421802 message accepted
3049# S.omabe421802: 6960 bytes
3049r QUIT
3049w 221 2.0.0 gate.mcc.net Out
I have set up the following files to try to stop this:
smtp-policy.relay:
(List of IPs that can use us as an outgoing smtp server)
smtp-policy.mx:
(all of the domains that we are the mail exchanger for)
I then run $ZMAILER/bin/policy-builder.sh to create the database files,
and the policydb parameter in smtpserver.conf is set to:
PARAM policydb ndbm /apps/zmailer/db/smtp-policy
According to the contents of the above files, what happened in the logs
above should never have happened.
Am I missing something obvious?
--
Trevor Paquette | MetroNet Solutions |Work:(403)543-2355
TrevorPaquette@mcc.net |4300, 150 6th Ave SW| Fax:(403)543-2854
http://www.mcc.net |Calgary, AB, Canada |ICBM:51'03"N/114'05"W
Senior Unix Network Architect| T2P 4K9 |Mind:In the Rockies
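
Added example, not part of the original post and not ZMailer code: a log audit that flags accepted messages where the client is outside the relay list and a recipient domain is outside the MX list, which is the case the session above shows. The list contents, the function name find_relayed, the meaning of the '#', 'r' and 'w' tags (inferred from the excerpt) and all sample lines other than those copied from the post are assumptions.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed stand-ins for the two policy lists (the post does not show their contents).
RELAY_NETS = [ip_network("192.0.2.0/24")]   # hosts allowed to relay outbound
MX_DOMAINS = {"mcc.net"}                    # domains accepted for inbound delivery

# Constructed sample in the quoted log layout: <pid><tag> <text>, where the excerpt
# suggests '#' = server note, 'r' = read from client, 'w' = written to client.
SAMPLE_LOG = """\
3049# remote from [166.55.19.51]
3049r RCPT TO:<2001199@mcimail.com>
3049w 250 2.1.5 Recipient address syntax Ok
3049r DATA
3049w 354 Start mail input; end with <CRLF>.<CRLF>
3049w 250 2.6.0 S.omabe421802 message accepted
3050# remote from [192.0.2.10]
3050r RCPT TO:<someone@example.org>
3050w 250 2.1.5 Recipient address syntax Ok
3050w 250 2.6.0 S.constructed1 message accepted
3051# remote from [198.51.100.7]
3051r RCPT TO:<postmaster@mcc.net>
3051w 250 2.1.5 Recipient address syntax Ok
3051w 250 2.6.0 S.constructed2 message accepted
"""

LINE = re.compile(r"^(\d+)([#rw])\s+(.*)$")

def find_relayed(log_text, relay_nets=RELAY_NETS, mx_domains=MX_DOMAINS):
    """Return (pid, ip, spool id, foreign recipients) for each accepted third-party relay."""
    sessions, findings = {}, []
    # Lines that do not match (wrapped continuations, elisions) are skipped.
    for m in filter(None, map(LINE.match, log_text.splitlines())):
        pid, tag, text = m.groups()
        s = sessions.setdefault(pid, {"ip": None, "pending": None, "rcpts": []})
        if tag == "#" and (ip := re.search(r"remote from \[([\d.]+)\]", text)):
            s["ip"] = ip.group(1)
        elif tag == "r" and (rc := re.match(r"RCPT TO:\s*<([^>]+)>", text, re.I)):
            s["pending"] = rc.group(1)
        elif tag == "w":
            if s["pending"] and text.startswith("250"):
                s["rcpts"].append(s["pending"])  # server accepted this recipient
            s["pending"] = None
            if acc := re.match(r"250 \S+ (\S+) message accepted", text):
                trusted = s["ip"] and any(ip_address(s["ip"]) in n for n in relay_nets)
                foreign = [r for r in s["rcpts"] if r.rsplit("@", 1)[-1].lower() not in mx_domains]
                if foreign and not trusted:
                    findings.append((pid, s["ip"], acc.group(1), foreign))
                s["rcpts"] = []  # next transaction starts clean
    return findings
```

Any finding means the server accepted mail that neither list should have allowed, so the policy database is not being applied to that session.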