sendmail: open-relay

Ian Smith smithi at
Tue Jan 5 04:43:58 UTC 2010

In freebsd-questions Digest, Vol 292, Issue 3, Message: 10
On Mon, 04 Jan 2010 13:42:28 +0000 Matthew Seaman <m.seaman at> wrote:
 > Peter Ulrich Kruppa wrote:
 > > On Monday, 04.01.2010, at 13:02 +0000, Matthew Seaman wrote:
 > >> Peter Ulrich Kruppa wrote:
 > >>> I am running my own small mail-server, i.e. I use my desktop pc for
 > >>> sending and receiving my private mails.
 > >>> That worked quite nicely the last years. From time to time I tested my
 > >>> mail-server via's mail-relay tester. - Never got any
 > >>> positives.
 > >>> Now suddenly I receive one:
 > >>> Any ideas?
 > >> Plenty.  But it would help a great deal if you showed us your
 > >> ${hostname}.mc.
 > > O.K. this is my complete
 > > --------------------------------------------
 > > divert(-1)
 > > #
 > [...]
 > which is exactly the same as the default -- nothing suspicious
 > there.

Well, except as you said later, how then is SA being invoked from that 
.mc file, unless the in use maybe wasn't made from that .mc?

I'd suggest:
  # cd /etc/mail
  copy the present (and maybe for diff later
  # make cf				# read the nice Makefile
  # diff	# expecting nothing

 > Hmmm...  anything unusual (ie to do with domains not local to your machine)
 > in /etc/mail/local-host-names or /etc/mail/virtusertable  or 
 > /etc/mail/mailertable?  You're definitely running with that config file,

If it was in fact last compiled to the present, yes.

I'd also check that or its IP address[es] don't appear in 
relay-domains (aka sendmail.cR) - which sounds like a long shot, but 
might explain the behaviour.  Or an ' RELAY' in access[.db]?

Jerry's test seems to have ruled out general open relay behaviour.

 > and you don't have anything like OpenBSD spamd(8) running that could 
 > intercept incoming SMTP traffic?

Even so, should spamd ever send or bounce mail?

 > If that's so, then I can't see how your machine could be an open 
 > relay.  The relay tester must have been having a bad day.  
 > In fact, can you find the records in /var/mail/maillog to show 
 >'s server connecting to yours in order to do the testing?  
 > It may be that it was connecting to somewhere else entirely.  Or it 
 > was somehow trying to test relaying using an address that was somehow 
 > actually valid on your system.

Indeed.  Unless there's a 'to=<[*.]> [...] stat=Sent' line in 
maillog then or later, your Bad Day Theory sounds quite likely.

cheers, Ian
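
The maillog check suggested at the end of this message, as an added example that is not part of the original post: it pairs each queue ID's `from=` line with its `to=` lines and lists messages accepted from a non-local client and then delivered (`stat=Sent`) to a non-local domain, which generalises the check beyond the tester's own address. `LOCAL_DOMAINS`, `LOCAL_CLIENTS`, the function names and the sample log lines are assumptions constructed for illustration, and the script assumes the traditional syslog layout with the queue ID in the sixth field.

```shell
#!/bin/sh
# Added example (not from the thread). Reads sendmail maillog lines on stdin and
# prints "qid client recipient" for every message accepted from a non-local
# client and then delivered (stat=Sent) to a non-local domain.
LOCAL_DOMAINS="example.org"          # assumption: domains this host receives for
LOCAL_CLIENTS="localhost 127.0.0.1"  # assumption: clients allowed to relay

find_relayed() {
    awk -v doms="$LOCAL_DOMAINS" -v clients="$LOCAL_CLIENTS" '
    # Value of " key=..." up to the next ", " or end of line.
    function field(line, key,    i, rest) {
        i = index(line, " " key "=")
        if (i == 0) return ""
        rest = substr(line, i + length(key) + 2)
        sub(/, .*/, "", rest)
        return rest
    }
    # True if s equals (or, with partial set, contains) an entry of list.
    function in_list(list, s, partial,    n, a, k) {
        n = split(list, a, " ")
        for (k = 1; k <= n; k++)
            if (partial ? (index(s, a[k]) > 0) : (s == a[k])) return 1
        return 0
    }
    { qid = $6; sub(/:$/, "", qid) }                 # queue ID is field 6
    / from=/ { client[qid] = field($0, "relay"); next }
    / to=/ && field($0, "stat") ~ /^Sent/ {
        c = (qid in client) ? client[qid] : "unknown"
        if (in_list(clients, c, 1)) next
        n = split(field($0, "to"), rcpt, ",")
        for (k = 1; k <= n; k++) {
            addr = rcpt[k]; gsub(/[<>]/, "", addr)
            at = index(addr, "@")
            if (at == 0) continue                    # unqualified: local user
            if (!in_list(doms, tolower(substr(addr, at + 1)), 0))
                print qid, c, addr
        }
    }'
}

# Constructed sample: one relayed message, one local delivery, one rejection.
sample_log() { cat <<'EOF'
Jan  4 12:00:01 mx sm-mta[101]: o04C0001: from=<a@example.net>, size=900, nrcpts=1, proto=ESMTP, relay=tester.example.net [192.0.2.10]
Jan  4 12:00:02 mx sm-mta[102]: o04C0001: to=<b@example.com>, delay=00:00:01, mailer=esmtp, relay=mx.example.com. [198.51.100.5], dsn=2.0.0, stat=Sent (ok)
Jan  4 12:05:01 mx sm-mta[103]: o04C0002: from=<c@example.net>, size=800, nrcpts=1, proto=ESMTP, relay=tester.example.net [192.0.2.10]
Jan  4 12:05:02 mx sm-mta[104]: o04C0002: to=<pete@example.org>, delay=00:00:01, mailer=local, dsn=2.0.0, stat=Sent
Jan  4 12:06:01 mx sm-mta[105]: o04C0003: ruleset=check_rcpt, arg1=<d@example.com>, relay=tester.example.net [192.0.2.10], reject=550 5.7.1 <d@example.com>... Relaying denied
EOF
}
sample_log | find_relayed
```

An empty result for the period of the relay test means no tested message actually left the host; each line printed is a queue ID worth tracing back to the configuration that allowed it.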
