Category: Mail Server Help
Controlling relay in qmail

Hi

I had configured qmail, qmail-pop3d, vpopmail and sqwebmail on a Red Hat 8.0 Linux system.

My problem is that even though it is mentioned in the rcpthosts file that only my virtual domains need to send mail, everyone is able to relay mail using it, which is a serious security threat.

I didn't use the smtpauth module while configuring the mail server.

Even using telnet on port 25 I am able to send mail.

How can I control the relay and suppress the sending of mail using telnet?

Thanks in advance
Prashant

I had configured qmail, qmail-pop3d, vpopmail and sqwebmail on a Red Hat 8.0 Linux system.
OK

My problem is that even though it is mentioned in the rcpthosts file that only my virtual domains need to send mail, everyone is able to relay mail using it, which is a serious security threat.
This makes no sense at all. If you list only your domains in rcpthosts, then only mail from those domains will be accepted. Exception: the RELAYCLIENT environmental variable set by /etc/tcp.smtp.cdb or another method, will allow certain clients to relay. You haven't provided any information (such as the contents of /etc/tcp.smtp or the output of /var/qmail/bin/qmail-showctl), so it's impossible to tell what you're getting upset about.

Even using telnet on port 25 I am able to send mail.
To whom can you send mails, and why does this cause you concern?

How can I control the relay and suppress the sending of mail using telnet?
Without more information about your server configuration and why you're concerned, it's impossible to answer this question.

Summary:

Provide the full, unedited contents of:

/etc/tcp.smtp
/var/qmail/supervise/qmail-smtpd/run


Provide the full, unedited output of:

/var/qmail/bin/qmail-showctl

Hi there, my /var/qmail/supervise/qmail-smtpd/run looks like this:

#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`

MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ];
then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi

if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi

exec /usr/local/bin/softlimit -m 2000000 \
    /usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1


The output of qmail-showctl is here

./qmail-showctl
qmail home directory: /var/qmail.
user-ext delimiter: -.
paternalism (in decimal): 2.
silent concurrency limit: 120.
subdirectory split: 23.
user ids: 501, 502, 503, 0, 504, 505, 506, 507.
group ids: 501, 502.

badmailfrom: (Default.) Any MAIL FROM is allowed.
bouncefrom: (Default.) Bounce user name is MAILER-DAEMON.
bouncehost: (Default.) Bounce host name is merlin.brilliant-it.com.
concurrencylocal: (Default.) Local concurrency is 10.
concurrencyremote: (Default.) Remote concurrency is 20.
databytes: (Default.) SMTP DATA limit is 0 bytes.
defaultdomain: Default domain name is brilliant-it.com.
defaulthost: (Default.) Default host name is merlin.brilliant-it.com.
doublebouncehost: (Default.) 2B recipient host: merlin.brilliant-it.com.
doublebounceto: (Default.) 2B recipient user: postmaster.
envnoathost: (Default.) Presumed domain name is merlin.brilliant-it.com.
helohost: (Default.) SMTP client HELO host name is merlin.brilliant-it.com.
idhost: (Default.) Message-ID host name is merlin.brilliant-it.com.
localiphost: (Default.) Local IP address becomes merlin.brilliant-it.com.
locals:
Messages for merlin.brilliant-it.com are delivered locally.
me: My name is merlin.brilliant-it.com.
percenthack: (Default.) The percent hack is not allowed.
plusdomain: Plus domain name is brilliant-it.com.
qmqpservers: (Default.) No QMQP servers.
queuelifetime: (Default.) Message lifetime in the queue is 604800 seconds.

rcpthosts:
SMTP clients may send messages to recipients at pra.com.
SMTP clients may send messages to recipients at brilliant-it.com.

morercpthosts: (Default.) No effect.
morercpthosts.cdb: (Default.) No effect.
smtpgreeting: (Default.) SMTP greeting: 220 merlin.brilliant-it.com.
smtproutes: (Default.) No artificial SMTP routes.
timeoutconnect: (Default.) SMTP client connection timeout is 60 seconds.
timeoutremote: (Default.) SMTP client data timeout is 1200 seconds.
timeoutsmtpd: (Default.) SMTP server data timeout is 1200 seconds.
virtualdomains:
Virtual domain: pra.com:pra.com
Virtual domain: brilliant-it.com:brilliant-it.com

defaultdelivery: I have no idea what this file does.
concurrencyincoming: I have no idea what this file does.
rcpthosts.lock: I have no idea what this file does.
virtualdomains.lock: I have no idea what this file does.
locals.lock: I have no idea what this file does.


/etc/tcp.smtp
127.:allow,RELAYCLIENT=""

/var/qmail/control/rcpthosts
pra.com
brilliant-it.com

Your configuration looks fine. Now, what were you concerned about?

I have a problem similar to that of user prashant_!012.
I doubt my qmail server is open relay.

Here are some examples.

-) An email sent through my Eudora client, configured with the IP address of my SMTP server, is dispatched to the remote MTA although the from/to email addresses are not maintained on my server and are not in rcpthosts.

-) Another example is a mail correctly sent via telnet:
# telnet mysmtpserverIP 25
helo iamspammer
mail from:<anywhere@domainA-ext.com>
rcpt to:<elsewhere@domainB-ext.com>
data
subject: telnet test
.
quit

---
Reading log /var/log/smtpd/current, I see that:

2009-12-18 15:32:03.807795500 tcpserver: ok 12626 myreversedns:my.ip.server:25 :my.remote.ip::1968
2009-12-18 15:32:04.824912500 simscan:[8204]:RELAYCLIENT:12.6284s:-:my.remote.ip:anywhere@domainA-ext.com:elsewhere@domainB-ext.com
2009-12-18 15:32:04.892712500 tcpserver: end 12626 status 0
2009-12-18 15:32:04.892714500 tcpserver: status: 3/90


Where/who sets the RELAYCLIENT variable for IP addresses outside 127.0.0.1?

My OS is CentOS 5.4, with a default Life with qmail installation of qmail, and SpamAssassin and ClamAV installed from source.

Here are my config files and the output of qmail-showctl.

------------
# strings /etc/tcp.smtp
127.:allow,RELAYCLIENT=""


------------
# strings /var/qmail/supervise/qmail-smtpd/run

#!/bin/sh
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
QMAILQUEUE="/var/qmail/bin/simscan"
export QMAILQUEUE
if [ -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
#exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -H -v -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-R -u 89 -g 89 0 smtp /usr/local/bin/rblsmtpd -b -C \
-r 'list.dsbl.org:Your message was rejected because the message was sent from a server listed in DSBL - More information regarding this problem is available at /listing?%IP% - Please forward this error to your email server support staff for resolution.' \
-r 'sbl-xbl.spamhaus.org:Your message was rejected because the message was sent from a server listed in the Spamhaus RBL - More information regarding this problems is available at =%IP% - Please forward this error to your email server support staff for resolution.' \
-t 5 /var/qmail/bin/qmail-smtpd 2>&1


------------
# /var/qmail/bin/qmail-showctl

qmail home directory: /var/qmail.
user-ext delimiter: -.
paternalism (in decimal): 2.
silent concurrency limit: 120.
subdirectory split: 23.
user ids: 501, 502, 503, 0, 504, 505, 506, 507.
group ids: 501, 502.

badmailfrom:
!@ not accepted in MAIL FROM.
[!@] not accepted in MAIL FROM.
[!%#:\*\^] not accepted in MAIL FROM.
[\(\)] not accepted in MAIL FROM.
[\{\}] not accepted in MAIL FROM.
[@.*@] not accepted in MAIL FROM.

bouncefrom: (Default.) Bounce user name is MAILER-DAEMON.

bouncehost: (Default.) Bounce host name is MYROOTDOMAIN.COM.

concurrencylocal: (Default.) Local concurrency is 10.

concurrencyremote: (Default.) Remote concurrency is 20.

databytes: (Default.) SMTP DATA limit is 0 bytes.

defaultdomain: Default domain name is MYROOTDOMAIN.COM.

defaulthost: (Default.) Default host name is MYROOTDOMAIN.COM.

doublebouncehost: (Default.) 2B recipient host: MYROOTDOMAIN.COM.

doublebounceto: (Default.) 2B recipient user: postmaster.

envnoathost: (Default.) Presumed domain name is MYROOTDOMAIN.COM.

helohost: (Default.) SMTP client HELO host name is MYROOTDOMAIN.COM.

idhost: (Default.) Message-ID host name is MYROOTDOMAIN.COM.

localiphost: (Default.) Local IP address becomes MYROOTDOMAIN.COM.

locals:

me: My name is MYROOTDOMAIN.COM.

percenthack: (Default.) The percent hack is not allowed.

plusdomain: Plus domain name is MYROOTDOMAIN.COM.

qmqpservers: (Default.) No QMQP servers.

queuelifetime: (Default.) Message lifetime in the queue is 604800 seconds.

rcpthosts:
SMTP clients may send messages to recipients at MYROOTDOMAIN.COM.
SMTP clients may send messages to recipients at myvhostdomain1.com.
SMTP clients may send messages to recipients at myvhostdomain2.com.
SMTP clients may send messages to recipients at myvhostdomain3.com.
SMTP clients may send messages to recipients at myvhostdomain4.com.
SMTP clients may send messages to recipients at myvhostdomain5.com.

morercpthosts: (Default.) No effect.

morercpthosts.cdb: (Default.) No effect.

smtpgreeting: (Default.) SMTP greeting: 220 MYROOTDOMAIN.COM.

smtproutes: (Default.) No artificial SMTP routes.

timeoutconnect: (Default.) SMTP client connection timeout is 60 seconds.

timeoutremote: (Default.) SMTP client data timeout is 1200 seconds.

timeoutsmtpd: (Default.) SMTP server data timeout is 1200 seconds.

virtualdomains:
Virtual domain: MYROOTDOMAIN.COM:MYROOTDOMAIN.COM
Virtual domain: myvhostdomain1.com:myvhostdomain1.com
Virtual domain: myvhostdomain2.com:myvhostdomain2.com
Virtual domain: myvhostdomain3.com:myvhostdomain3.com
Virtual domain: myvhostdomain4.com:myvhostdomain4.com
Virtual domain: myvhostdomain5.com:myvhostdomain5.com

rcpthosts.lock: I have no idea what this file does.

virtualdomains.lock: I have no idea what this file does.

badmailto: I have no idea what this file does.

concurrencyincoming: I have no idea what this file does.

defaultdelivery: I have no idea what this file does.
------------



Thanks in advance,
Paola

UPDATE:


locals:


Note that the "locals" file under /var/qmail/control exists, but was empty.

If I remove this file (and reload the SMTP server using: qmailctl stop, kill, start), qmail SMTP fails to deliver emails only to MYROOTDOMAIN.COM, although it is the first line of rcpthosts, while all other domains in rcpthosts work well.

Paola
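
Added example, not part of any post in this thread: the run script posted above starts tcpserver with -x /home/vpopmail/etc/tcp.smtp.cdb, while the rules shown come from /etc/tcp.smtp, so this sketch extracts the database a run script actually names and models the accept/relay decision qmail-smtpd makes from the matching tcprules line and rcpthosts. The "loaded" rules file, the client address 192.0.2.10 and all function names are constructed for illustration; rule matching is simplified to IP-only lookups (exact address, shorter dotted prefixes, then the empty default).

```shell
#!/bin/sh
# Added example: which rules database does tcpserver load, and would a client relay?

# Print the -x database path from the first uncommented tcpserver line of a run script.
cdb_from_run() {
    grep -v '^[[:space:]]*#' "$1" |
        sed -n 's/.*tcpserver.* -x \([^ ]*\).*/\1/p' | head -n 1
}

# Print the rule that applies to client IP $1 in tcprules source file $2.
# Simplified lookup order: exact IP, shorter dotted prefixes, then the default ":".
match_rule() {
    key=$1
    while :; do
        awk -v k="$key:" 'index($0, k) == 1 { print; hit = 1; exit }
                          END { exit !hit }' "$2" && return 0
        [ -n "$key" ] || return 1      # default rule already tried: no match
        key=${key%.}                   # 192.0.2.  -> 192.0.2
        key=${key%"${key##*.}"}        # 192.0.2   -> 192.0.
    done
}

# qmail-smtpd accepts RCPT TO when RELAYCLIENT is set for the connection or the
# recipient domain is in rcpthosts (exact-match entries only in this model).
# Args: client IP, recipient domain, rules file, rcpthosts file.
rcpt_decision() {
    rule=$(match_rule "$1" "$3") || rule=""
    case $rule in
        *:deny*)        echo "connection denied"; return 0 ;;
        *RELAYCLIENT=*) echo "relay allowed by rule: $rule"; return 0 ;;
    esac
    if grep -qixF -- "$2" "$4"; then echo "accepted: local domain"
    else echo "rejected: not in rcpthosts"; fi
}

# Constructed sample files. "inspected" is the rule shown in the thread; "loaded"
# is hypothetical content for the database the run script actually names.
work=$(mktemp -d); trap 'rm -rf "$work"' EXIT
cat > "$work/run" <<'EOF'
#exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -H -v -x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
EOF
printf '%s\n' '127.:allow,RELAYCLIENT=""' > "$work/inspected"
printf '%s\n' '127.:allow,RELAYCLIENT=""' ':allow,RELAYCLIENT=""' > "$work/loaded"
printf '%s\n' MYROOTDOMAIN.COM myvhostdomain1.com > "$work/rcpthosts"

echo "tcpserver loads: $(cdb_from_run "$work/run")"
for rules in inspected loaded; do
    echo "$rules: $(rcpt_decision 192.0.2.10 domainB-ext.com "$work/$rules" "$work/rcpthosts")"
done
```

On a live host, ucspi-tcp's tcprulescheck answers the same question from the compiled file itself, reading the client address from the TCPREMOTEIP environment variable (for example: env TCPREMOTEIP=192.0.2.10 tcprulescheck /home/vpopmail/etc/tcp.smtp.cdb).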









