Byteplant Forum

Home » CleanMail Support » CleanMail Server Talk » Open Relay
Open Relay [message #864] Mon, 01 November 2004 15:37
chrisso
Messages: 2
Registered: October 2004
Junior Member
Can anyone tell me what this FAQ means please - in another way.

No Spam Today! SMTP Proxy Configuration
My mail server is configured as SMTP relay server to all locally connected users (relay restrictions are configured based on IP addresses). Now - after installing No Spam Today! - I have an open relay!

When No Spam Today! forwards mails your mail server "sees" only the IP address of the machine running No Spam Today!. You have to exclude the IP address of the No Spam Today! server from the list of hosts that you allow relaying for. Make sure the users you relay for connect to your mail server directly, not via No Spam Today! The No Spam Today! server is meant to filter incoming emails from the internet, and not the email of your trusted users.

Re: Open Relay [message #865 is a reply to message #864] Tue, 02 November 2004 10:43 Go to previous message
support
Messages: 918
Registered: April 2004
Senior Member
You relay outgoing mail for local users, that is someone using a mail client on the local machine with IP address 192.168.0.5 submits its mail to your server at 192.168.0.1 for delivery.

If you now replace your server at 192.168.0.1 with NoSpamToday! listening on the same IP address and port, your outgoing mail will be scanned with SpamAssassin. This is harmless, but unnecessary.

But the main point of this FAQ entry is the way your mail server is configured to allow relaying only for local users, and not for someone connected from the Internet (if relay for anyone, you get an open relay).

It is quite common way in mail server software configuration, to allow relaying only for a number of IP addresses on the local network. In the above example, you would add 192.168.0.5 to the list of clients that may use your server as mail relay.

You must make sure, that the IP address NoSpamToday! uses is not 0n this list, because otherwise you get an open relay (NoSpamToday! receives the mail from the internet, and forwards it to the mail server from its own IP address, so anyone on the internet could use your server as mail relay).

Also, some server software implicitly allows relaying for all mail coming from the localhost interface. In this case, do not use the localhost (127.0.0.1) interface in the outgoing server setting of NoSpamToday!. Instead, use the mail server's IP address, in the example above this would be something like 192.168.0.1.

Also, we have rewritten the configuration chapter in the new manual supplied with version 2.0, you can read it online here:

http://www.nospamtoday.com/server/manual.pdf



Customer Support
Byteplant GmbH
Previous Topic: Open Relay
Next Topic: Version 2.0
Goto Forum:
  


Current Time: Tue Sep 27 19:13:54 CEST 2016