[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: open-relay?



> >
Sorry._Although_I'm_listed_as_a_best-preference_MX_or_A_for_that_host,/it_is
> > n't_in_my_control/locals_file,_so_I_don't_treat_it_as_local
> >
> > i think that is the one...

> Probably, but my question remains: do you have a control/locals-file ? If
the
> file doesn't exist, qmail-send will read your local domains from the
database
> and work without control/locals. However if the file exists, it will use
the
> contents of that file. I didn't implement the same for rcpthosts since

if there is no control/locals file i get the email back saying:

<test@xxxxxxxxxxx>: host mail.resonic.net[212.187.98.104] said: 553 sorry,
that
    domain isn't in my list of allowed rcpthosts (#5.7.1)

when i delete rcpthosts or add resonic.net to rcpthosts it works! but when i
delete it i have an open-relay :( but when i add it to rcpthosts, i still
have to add it :(

i think part of my problem is that im not really aware of the exact use of
the files in control/
i'd better find me some info :)

> - a non-existant rcpthosts is used for a open relay server: reading
acceptable
>   domains from the database would break this feature (internal mailservers
>   can be configured as open relay-servers since unauthorized access is
blocked
>   by the firewall).
> - rcpthosts is read by qmail-smtpd, which would need to be patched to
connect
>   to the database EVERY time a mail is received. No need to tell you that
this
>   will almost double the required database-queries. Note that this doesn't
>   count for locals: these are only read at startup of qmail-send (or when
>   qmail-send receives SIGHUP) and thus don't cause any overhead during
mail-
>   delivery.
>
> But it's probably not much work to add a configuration-flag (or
environment-
> variable to qmail-smtpd): usercpthostsfromdb, which will then qmail-smtpd
> cause to read rcpthosts from the database. However, the fastest solution
is
> currently to run:
>   psql -d userdb -U userconsult --pset format=unaligned --pset tuples_only

\
>   -c "select distinct virtual_host from passwd" -o rcpthosts
> from a hourly cronjob (something equivalent with mysql).

i think ill give this a try!

> Kind regards,
> Michael Devogelaere.
>