Date: Mon, 04 Jan 2010 14:19:46 +0100 From: Peter Ulrich Kruppa <ulrich@pukruppa.net> To: FreeBsd-Questions <freebsd-questions@freebsd.org> Subject: Re: sendmail: open-relay Message-ID: <1262611186.9547.19.camel@pukruppa.net>
next in thread | raw e-mail | index | archive | help
Am Montag, den 04.01.2010, 13:02 +0000 schrieb Matthew Seaman:=20 > Peter Ulrich Kruppa wrote: > > Hi, > >=20 > > I am running my own small mail-server, i.e. I use my desktop pc for > > sending and receiving my private mails. > > That worked quite nicely the last years. From time to time I tested > my > > mail-server via abuse.net's mail-relay tester. - Never got any > > positives. > > Now suddenly I receive one: > > This is a test of third-party mail relay, generated via the > > Network Abuse Clearinghouse at http://www.abuse.net. > > =20 > > Target host =3D 213.146.114.24 pukruppa.net > > Test performed by <ulrich@pukruppa.net> from > 213.146.114.24 > > =20 > > A well-configured mail server should NOT relay third-party > > email. > > Otherwise, the server is subject to abuse by vandals and > > spammers, > > and probable blacklisting by recipients of the unwanted > > third-party > > e-mail. > > Of course I had some fun trying to read sendmail's documentation. > But I > > guess I need some help with this. > >=20 > > I am running FreeBSD -STABLE 8.0 amd64 . > > I don't think I ever played around with sendmail's configuration. I > just > > use it as came out of the box. > >=20 > > Any ideas? >=20 > Plenty. But it would help a great deal if you showed us your > ${hostname}.mc. > The default sendmail config in FreeBSD isn't an open relay. In fact, > it takes a bit of effort to make sendmail do open relay type stuff > nowadays, > and there are big fat warnings in the docco > (/usr/share/sendmail/cf/README) > about most of those. O.K. this is my complete pukruppa.net.mc -------------------------------------------- divert(-1) # # Copyright (c) 1983 Eric P. Allman # Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # 3. All advertising materials mentioning features or use of this software # must display the following acknowledgement: # This product includes software developed by the University of # California, Berkeley and its contributors. # 4. Neither the name of the University nor the names of its contributors # may be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # # This is a generic configuration file for FreeBSD 5.X and later systems. # If you want to customize it, copy it to a name appropriate for your # environment and do the modifications there. # # The best documentation for this .mc file is: # /usr/share/sendmail/cf/README or # /usr/src/contrib/sendmail/cf/README # divert(0) VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3 2008/08/31 18:26:27 gshapiro Exp $') OSTYPE(freebsd6) DOMAIN(generic) FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access') FEATURE(blacklist_recipients) FEATURE(local_lmtp) FEATURE(mailertable, `hash -o /etc/mail/mailertable') FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') dnl Uncomment to allow relaying based on your MX records. dnl NOTE: This can allow sites to use your server as a backup MX without dnl your permission. dnl FEATURE(relay_based_on_MX) dnl DNS based black hole lists dnl -------------------------------- dnl DNS based black hole lists come and go on a regular basis dnl so this file will not serve as a database of the available servers. dnl For that, visit dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/ dnl Uncomment to activate Realtime Blackhole List dnl information available at http://www.mail-abuse.com/ dnl NOTE: This is a subscription service as of July 31, 2001 dnl FEATURE(dnsbl) dnl Alternatively, you can provide your own server and rejection message: dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_add r} " rejected, see http://mail-abuse.org/cgi-bin/lookup?" $&{client_addr}'') dnl Dialup users should uncomment and define this appropriately dnl define(`SMART_HOST', `your.isp.mail.server') dnl Uncomment the first line to change the location of the default dnl /etc/mail/local-host-names and comment out the second line. dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw') define(`confCW_FILE', `-o /etc/mail/local-host-names') dnl Enable for both IPv4 and IPv6 (optional) DAEMON_OPTIONS(`Name=3DIPv4, Family=3Dinet') DAEMON_OPTIONS(`Name=3DIPv6, Family=3Dinet6, Modifiers=3DO') define(`confBIND_OPTS', `WorkAroundBrokenAAAA') define(`confNO_RCPT_ACTION', `add-to-undisclosed') define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy') MAILER(local) MAILER(smtp) ----------------------------------------- Greetings Uli. >=20 > Cheers, >=20 > Matthew >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1262611186.9547.19.camel>