From owner-freebsd-questions@FreeBSD.ORG Mon Jan 4 13:17:59 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E89C81065679 for ; Mon, 4 Jan 2010 13:17:59 +0000 (UTC) (envelope-from ulrich@pukruppa.net) Received: from pukruppa.net (pukruppa.net [213.146.114.24]) by mx1.freebsd.org (Postfix) with ESMTP id 589468FC15 for ; Mon, 4 Jan 2010 13:17:59 +0000 (UTC) Received: from pukruppa.net (localhost [127.0.0.1]) by pukruppa.net (8.14.3/8.14.3) with ESMTP id o04DJlFK084175; Mon, 4 Jan 2010 14:19:47 +0100 (CET) (envelope-from ulrich@pukruppa.net) Received: (from ulrich@localhost) by pukruppa.net (8.14.3/8.14.3/Submit) id o04DJkM7084174; Mon, 4 Jan 2010 14:19:46 +0100 (CET) (envelope-from ulrich@pukruppa.net) From: Peter Ulrich Kruppa To: FreeBsd-Questions Content-Type: text/plain; charset="ISO-8859-15" Content-Transfer-Encoding: quoted-printable Date: Mon, 04 Jan 2010 14:19:46 +0100 Message-ID: <1262611186.9547.19.camel@pukruppa.net> Mime-Version: 1.0 X-Mailer: Evolution 2.29.4 FreeBSD GNOME Team Port Cc: Subject: Re: sendmail: open-relay X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jan 2010 13:18:00 -0000 Am Montag, den 04.01.2010, 13:02 +0000 schrieb Matthew Seaman:=20 > Peter Ulrich Kruppa wrote: > > Hi, > >=20 > > I am running my own small mail-server, i.e. I use my desktop pc for > > sending and receiving my private mails. > > That worked quite nicely the last years. From time to time I tested > my > > mail-server via abuse.net's mail-relay tester. - Never got any > > positives. > > Now suddenly I receive one: > > This is a test of third-party mail relay, generated via the > > Network Abuse Clearinghouse at http://www.abuse.net. > > =20 > > Target host =3D 213.146.114.24 pukruppa.net > > Test performed by from > 213.146.114.24 > > =20 > > A well-configured mail server should NOT relay third-party > > email. > > Otherwise, the server is subject to abuse by vandals and > > spammers, > > and probable blacklisting by recipients of the unwanted > > third-party > > e-mail. > > Of course I had some fun trying to read sendmail's documentation. > But I > > guess I need some help with this. > >=20 > > I am running FreeBSD -STABLE 8.0 amd64 . > > I don't think I ever played around with sendmail's configuration. I > just > > use it as came out of the box. > >=20 > > Any ideas? >=20 > Plenty. But it would help a great deal if you showed us your > ${hostname}.mc. > The default sendmail config in FreeBSD isn't an open relay. In fact, > it takes a bit of effort to make sendmail do open relay type stuff > nowadays, > and there are big fat warnings in the docco > (/usr/share/sendmail/cf/README) > about most of those. O.K. this is my complete pukruppa.net.mc -------------------------------------------- divert(-1) # # Copyright (c) 1983 Eric P. Allman # Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # 3. All advertising materials mentioning features or use of this software # must display the following acknowledgement: # This product includes software developed by the University of # California, Berkeley and its contributors. # 4. Neither the name of the University nor the names of its contributors # may be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # # This is a generic configuration file for FreeBSD 5.X and later systems. # If you want to customize it, copy it to a name appropriate for your # environment and do the modifications there. # # The best documentation for this .mc file is: # /usr/share/sendmail/cf/README or # /usr/src/contrib/sendmail/cf/README # divert(0) VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3 2008/08/31 18:26:27 gshapiro Exp $') OSTYPE(freebsd6) DOMAIN(generic) FEATURE(access_db, `hash -o -T /etc/mail/access') FEATURE(blacklist_recipients) FEATURE(local_lmtp) FEATURE(mailertable, `hash -o /etc/mail/mailertable') FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') dnl Uncomment to allow relaying based on your MX records. dnl NOTE: This can allow sites to use your server as a backup MX without dnl your permission. dnl FEATURE(relay_based_on_MX) dnl DNS based black hole lists dnl -------------------------------- dnl DNS based black hole lists come and go on a regular basis dnl so this file will not serve as a database of the available servers. dnl For that, visit dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/ dnl Uncomment to activate Realtime Blackhole List dnl information available at http://www.mail-abuse.com/ dnl NOTE: This is a subscription service as of July 31, 2001 dnl FEATURE(dnsbl) dnl Alternatively, you can provide your own server and rejection message: dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_add r} " rejected, see http://mail-abuse.org/cgi-bin/lookup?" $&{client_addr}'') dnl Dialup users should uncomment and define this appropriately dnl define(`SMART_HOST', `your.isp.mail.server') dnl Uncomment the first line to change the location of the default dnl /etc/mail/local-host-names and comment out the second line. dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw') define(`confCW_FILE', `-o /etc/mail/local-host-names') dnl Enable for both IPv4 and IPv6 (optional) DAEMON_OPTIONS(`Name=3DIPv4, Family=3Dinet') DAEMON_OPTIONS(`Name=3DIPv6, Family=3Dinet6, Modifiers=3DO') define(`confBIND_OPTS', `WorkAroundBrokenAAAA') define(`confNO_RCPT_ACTION', `add-to-undisclosed') define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy') MAILER(local) MAILER(smtp) ----------------------------------------- Greetings Uli. >=20 > Cheers, >=20 > Matthew >=20