Not quite mail relay

Gary gv-list-freebsdquestions at mygirlfriday.info
Sat Sep 13 19:02:28 PDT 2003


Hi Derrick,

--On Saturday, September 13, 2003 05:10:17 PM -0700 Derrick Ryalls 
<ryallsd at datasphereweb.com> wrote:

>> No they don't. Email admins look at the last sender IP
>> address in the headers, which is the only valid address, all
>> others are usually forged.
>
> What I am referring to is the unable to deliver email that qmail sends
> to hotmail has an unknown user.

If it is his qmail server, then someone is probably relaying through him. 
He can determine this through his logs.

If someone is just using one of his email addresses, and he is not a relay, 
then he is getting Joe-Jobbed. You have not determined this yet.

> Hotmail then bounces the mail back to
> my brother's server as an undeliverable, and since it is then a double
> bounce, it lands in my brother's inbox (mailer-daemon goes to him).
> Today, he has received over 6000 bounced msgs.

Okay, if your question is only - how do I stop double bounces from getting 
into my system, then here is the answer.

1. Change the /var/qmail/control/doublebounceto file to read only one line 
saying "obvilion" (without the quotes)

2. Set up an alias in the /var/qmail/alias dir, and make a file called
.qmail-obvilion

3. Edit the file and put in a "#" (no quotes) on one line by itself.

Now, all double bounces will be directed to nowhere, and disappear.

>> Yes, but you have to provide more info rather than speculate
>> on what you are having a problem with.  Are you an open
>> relay? Check your logs? If so, something is not configured
>> properly.  If you are just getting bounces from your own
>> domain, and someone is forging your domain as the sender or
>> return address in their spam, that is called a Joe-Job.

> In the /var/qmail/control, only his domains are listed.

That would be /var/qmail/control/rcpthosts file. If he does not have that 
file, he is an open relay and sitting duck.

> In tcp.rules,
> only localhost can relay email.  Normal clients can only send mail with
> SMTP-AUTH.

There is no tcp.rules file in qmail. The local file is called 
/var/qmail/control/locals, and local host and his domain(s) should be 
listed there, but not virtual domains.

As above, if he does not check his logs, and read his headers, he has no 
way of knowing if he is relaying, or suffering from a Joe-Job. There are 
other ways spammers try to get in, and if he is running a web server, have 
him also check to make sure he is not running formmail.cgi or pl


-- 
Gary
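
Added example, not part of the original message: a shell check for the settings the message walks through (rcpthosts present, doublebounceto set, and a comment-only alias file). The function name `audit_qmail`, the temporary demo tree and the domain `example.org` are constructed for illustration; the alias name is the one used in steps 1-3.

```shell
#!/bin/sh
# Added example (not from the original post): audit a qmail tree for the
# settings discussed in this message. The root is a parameter so the check
# can run against a constructed tree instead of /var/qmail.

audit_qmail() {
    root=${1:-/var/qmail}
    rc=0

    # No rcpthosts file: qmail-smtpd accepts mail for any domain.
    if [ -f "$root/control/rcpthosts" ]; then
        echo "OK   rcpthosts present"
    else
        echo "FAIL rcpthosts missing (open relay)"; rc=1
    fi

    # First line of doublebounceto names the local double-bounce recipient.
    dbt=$(head -n 1 "$root/control/doublebounceto" 2>/dev/null || true)
    if [ -z "$dbt" ]; then
        echo "WARN doublebounceto not set"; rc=1
        return $rc
    fi

    # The alias file must be non-empty and hold only comment lines:
    # a 0-byte .qmail file means default delivery, not discard.
    alias_file="$root/alias/.qmail-$dbt"
    if [ ! -s "$alias_file" ]; then
        echo "FAIL $alias_file missing or empty"; rc=1
    elif grep -Evq '^(#|$)' "$alias_file"; then
        echo "WARN $alias_file contains delivery lines"; rc=1
    else
        echo "OK   double bounces to '$dbt' are discarded"
    fi
    return $rc
}

# Constructed demo tree mirroring steps 1-3 of the message.
demo=$(mktemp -d)
mkdir -p "$demo/control" "$demo/alias"
echo "example.org" > "$demo/control/rcpthosts"      # constructed domain
echo "obvilion"    > "$demo/control/doublebounceto"
echo "#"           > "$demo/alias/.qmail-obvilion"
audit_qmail "$demo" || true
rm -rf "$demo"
```

Called with no argument, `audit_qmail` inspects /var/qmail; a non-zero return means at least one check did not pass.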

