anti-relay-dalsi pokus ?

Rastislav LIPTAJ liptajr na pp.internet.sk
Středa Červen 14 08:35:54 CEST 2000 

Neviem ci by doslo k RELAY, ale ten ich test
(telnet mail-abuse.org) ma nepusti.

Neviem si rady.


Moj sendmail.mc(m4): /pouzivam sendmail 8.9.3/

divert(-1)
dnl This is the macro config file used to generate the /etc/sendmail.cf
dnl file. If you modify thei file you will have to regenerate the
dnl /etc/sendmail.cf by running this macro config through the m4
dnl preprocessor:
dnl
dnl        m4 /etc/sendmail.mc > /etc/sendmail/cf
dnl
dnl You will need to have the sendmail-cf package installed for this to
dnl work.
include(`/usr/lib/sendmail-cf/m4/cf.m4')
define(`confDEF_USER_ID',``8:12'')
OSTYPE(`linux')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
define(`confAUTO_REBUILD')
define(`confTO_CONNECT', `1m')
define(`confTRY_NULL_MX_LIST',true)
define(`confDONT_PROBE_INTERFACES',true)
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')
define(`confEBINDIR',`/usr/sbin/smrsh')
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')
FEATURE(relay_entire_domain)
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable')
FEATURE(redirect)
FEATURE(always_add_domain)
FEATURE(use_cw_file)
FEATURE(local_procmail)
FEATURE(smrsh)
MAILER(procmail)
MAILER(smtp)
FEATURE(access_db,`hash -o /etc/mail/access')
FEATURE(`blacklist_recipients')
FEATURE(rbl)
dnl We strongly recommend to comment this one out if you want to protect
dnl yourself from spam. However, the laptop and users on computers that do
dnl not hav 24x7 DNS do need this.
dnl FEATURE(`accept_unresolvable_domains')
dnl FEATURE(`relay_based_on_MX')


a access: (moje 3 ip siete)

localhost.localdomain           RELAY
localhost                       RELAY
194.1.228                       RELAY
194.1.225                       RELAY
194.1.229                       RELAY


.... vsimol som si, ze inym v konf., ktory to testovali test_13 zahlasi
"Sender domain must exist" ked na
koniec
daju "@" (logicky)......ako toho dosiahnut ?

.... a este 1 otazka: aky je najlepsi sposob zakazania RELAY pre vsetko
okrem mijich 3 ip sieti a 1 domeny ?
(tych suborov v /etc/mail je vela, skusal som rozne  ?? - access, ip_allow,
name_allow, deny, realy-domains, ???)
(treba zo vsetkych urobit *.db, alebo iba z access)
(neviete format zapisu do nich? - viem iba access, do ostatnych som daval
ip: 194.1.228 atd. pod seba, alebo demena: metis-sk.sk atd. pod seba)



Dakujem,

Liptaj,SLOVENSKO





----- Original Message -----
From: "Petr Novotny" <Petr.Novotny na antek.cz>
To: <sendmail na linux.cz>
Sent: Tuesday, June 13, 2000 3:44 PM
Subject: Re: anti-relay-dalsi pokus ?


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 13 Jun 00, at 15:11, Rastislav LIPTAJ wrote:
>
> > Dostal som sa po "test_13" (predtym "test_6"), zhavarovalo to - presla
posta
> > cez moj server -
> > ked ...
> >
> > Relay test 13
> > >>> MAIL FROM:<nobody na mail-abuse.org@>
> > <<< 250 <nobody na mail-abuse.org@>... Sender ok
> > >>> RCPT TO:<nobody na mail-abuse.org@>
> > <<< 250 <nobody na mail-abuse.org@>... Recipient ok
> > >>> RSET
> > <<< 250 Reset state
> > System appeared to accept a relay
>
> A jste si jist, ze by opravdu doslo k relayovani?
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.0.2 -- QDPGP 2.60
> Comment: http://community.wow.net/grt/qdpgp.html
>
> iQA/AwUBOUYsrVMwP8g7qbw/EQI71ACbBJ+d5ilrW+7qjDpmx8hclpWgme4AoK0K
> C8VIPH/sNFVLs49CJ8xTDY/X
> =Ggmw
> -----END PGP SIGNATURE-----
> --
> Petr Novotny, ANTEK CS
> Petr.Novotny na antek.cz
> http://www.antek.cz
> PGP key ID: 0x3BA9BC3F
> -- Don't you know there ain't no devil there's just God when he's drunk.
>                                                              [Tom Waits]
>
>

Další informace o konferenci Sendmail