Funkcni sendmail, ktery projde testy ORBS (longer)

Martin Och martin na och.cz
Čtvrtek Listopad 18 15:39:50 CET 1999 

Dobry den.

Na uvod dve slova - jsem zoufaly...

Pred casem byly moje mail servery umisteny na black list ORBSu.
Nejakou dobu jsem se tomu nevenoval, ale ted si v tom chci udelat poradek.
Dle nejakych linku na http://www.orbs.org mi doporucili bezpecny sendmail,
ktery ma oznaceni 8.9.3-7isp.

Tak jsem si ho nainstaloval, nastavil, do sendmail.cw, ze ma prijimat postu jen
pro sam sebe, do relay-domains jsem dal ze ma delat relay jen pro jednu domenu.
Nastartoval jsem ho, a na orbsu odklikl, ze je muj server secured...

Zacaly probihat nejake testy (byly videt ve /var/log/maillog) a vse co slo z orbsu
koncilo relaying denied, popr. hlaskou Lost input chnanel, coz mimochodem nevim,
co znamena...
Zacal jsem si mnout ruce, ze je to OK, ale chyba lavky...
Najednou mi na ten stroj prisel majl, ktery znel:

---CUT HERE ---

>From notifier na orbs.org  Thu Nov 18 13:41:38 1999
Date: Thu, 18 Nov 1999 23:54:03 +1300
Message-Id: <199911181054.XAA01650 na mail2.manawatu.net.nz>
To: postmaster na r1csc.cscnet.cz, postmaster na r1csc.cscnet.cz
From: The Open Relay Behaviour-modification System <listings na orbs.org>
Reply-To: ORBS listings <listings na orbs.org>
Subject: Network security problem: 195.119.184.38 is an open email relay

Please read this entire message carefully before replying

If you are not the technical contact for your organisation, please
forward this to the person who is.

Reference: http://www.orbs.org/messagelookup.cgi?address=195.119.184.38

195.119.184.38 has been detected as an insecure email relay and added
to the ORBS database.

Please check the ORBS website (http://www.orbs.org/) for links 
to other sites that may be able to help you close your relay. Most mail
transport agents can be secured quickly by the operator, usually for no
cost other than the time take to read the appropriate instructions for
your software.

To be removed from the ORBS database, you need to disable the external relay
features of your mail server and then report the IP address 195.119.184.38
to our web site at  http://www.orbs.org/closed1.cgi.
We will immediately remove your site's entry, then re-test it for
third-party relay capabilities.

ORBS is an automated testing system, if your mailserver has multiple
IP interfaces, it is likely that you will receive multiple copies of
this message. You should only receive one notice per IP number, however
ORBS notices are sent to both the literal IP address and the resolved DNS
name, so 2 notices may be received in some cases.

Thank you for your attention to this matter.

Sincerely,

listings na orbs.org

The message your system relayed is attached below.
If you believe your server has been secured, please check the
X-Envelope lines to see which vulnerability has been missed
and check them against the list of vulnerabilties at
http://www.orbs.org/envelopes.cgi

>From sender na orbs.org  Thu Nov 18 23:54:02 1999
Received: from r1csc.cscnet.cz (r1csc.cscnet.cz [195.119.184.38])
by mail2.manawatu.net.nz (8.9.3/8.9.3) with ESMTP id XAA01634
for <orbs-relaytest na manawatu.co.nz>; Thu, 18 Nov 1999 23:53:33 +1300
X-Remote-IP: 195.119.184.38
Received: from relaytest.orbs.org (OrbsNtst na relaytest.orbs.org [202.36.148.5])
by r1csc.cscnet.cz (8.8.7/8.8.7) with SMTP id LAA27429
for <"orbs-relaytest na manawatu.co.nz">; Thu, 18 Nov 1999 11:53:10 +0100
Date: Thu, 18 Nov 1999 11:53:10 +0100
From: sender na orbs.org
To: "orbs-relaytest na manawatu.co.nz"@r1csc.cscnet.cz
X-Token: yonseddmzwhdckgj
X-Envelope-Sender: <sender na orbs.org>
X-Envelope-Recipient: <"orbs-relaytest na manawatu.co.nz">
Message-Id: <195.119.184.38 na orbs.org>
Subject: ORBS Relay Test - 195.119.184.38

This program (re)tests for open relays.

Open relays are automatically added to the ORBS Open Relay
Database (see http://www.orbs.org/ for details).

Open relays are rechecked monthly or more frequently.
Secured hosts are rechecked every 3-6 months

There are up to 17 different tests applied per IP address.

Do not use the above addresses to contact me - use admin na orbs.org.

Help on securing relays can be found at http://maps.vix.com/tsi/
and at http://www.orbs.org/otheresources.cgi

X-Token: yonseddmzwhdckgj
X-Envelope-Sender: <sender na orbs.org>
X-Envelope-Recipient: <"orbs-relaytest na manawatu.co.nz">

--- CUT HERE ---

Nevim, jak se jim to podarilo. Nejsem odbornik na sendmail, a ani se ho
nechci nijak zvlast ucit. Nezabijejte mne :))

Potrebuji zajistit nasledovne:
Funkcni smtp a pop stroj, ktery bude prijimat postu pro x domen (virrtusertable),
a dale bude fungovat jako zalozni mailserver pro dalsich x domen.

Nevim jak je sendmail dobry, ci ne. Ale vim, ze tohle vsechno mi umizajistit.
Jenze je v nem nejaka dira, diky ktere budu asi znovu na blacklistu ORBS.
Zatim tam nejsem, je tam poznamka, ze prave probihaji testy.

Jestli mate nekdo funkcni sendmail, ktery min. umi to, co jsem uvedl, a
prosel testy ORBSu, byl bych rad, kdyby jste me nasmerovali,
co delam spatne, popr. poskytli Vas sendmail...

Diky za pomoc...
--
Martin Och
Network Administrator
CS-COMPEX, a.s.

To "shut down" your system type "WIN"

Další informace o konferenci Sendmail