SMTP Relay is Acting Up

[STXRich]

FC4 running Community v10. Spamassassin 3.1, ClamAV 88.2

Recently the SMTP relay has started rejecting emails being sent outbound.
I checked the smtpd.cfg file, and it hasn't changed.

I decided to add in a quick line of RELAY Accept ALL. When I did that, the email was sent through. I then removed that line, and telneted into the smtp relay from another machine. When I did this, the opening greeting line read as follows:

220 fedora ESMTP Scalix SMTP Relay 10.0.0.175; Thu, 18 May 2006 08:51:27 -0400 (

The IP listed there, is neither our Internal IP for the machine, nor the external one that is linked to via our DNS entries. How do I make it so that this IP is correc? We suspect that the relay no longer knows where it is, and thus is failing all the emails based upon our current ruleset.

smtpd.cfg

Code: Select all

EXTENSIONS=AUTH,DSN,8BITMIME

SMTPFILTER=TRUE
RELAY Log_Accept 127.0.0.1
RELAY Log_Accept 172.16.1.0/172.16.1.255
RELAY Log_Accept .ourdomain.com
RELAY Log_Reject ALL

# extra rules added to prevent open relay usage
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
RECIPIENT Log_Reject *#*@*

hosts file

Code: Select all

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost       localhost
172.16.1.67     fedora  fedora.ourdomain.com

/etc/mail/local-host-names

Code: Select all

# local-host-names - include all aliases for your machine here.
ourdomain.com
fedora.ourdomain.com
[our external ip]

Thanks.
-Rich-

[STXRich]

Wow. Don't I feel like an idiot. The 10.0.0.175 isn't an IP, it's the scalix version. :-)

However, I'm still having the problems mentioned above.
Any ideas would be great, cause I'm all out.

[ScalixSupport]

Code: Select all

RELAY Log_Accept 172.16.1.0/172.16.1.255
RELAY Log_Accept .ourdomain.com

The important lines are here...

The first one should be a netmask so should read:

Code: Select all

RELAY Log_Accept 172.16.1.0/255.255.255.0

If you're not using DNS, the /etc/hosts line should read:

Code: Select all

yourIP fedora.ourdomain.com fedora

otherwise the resolved name will always default to fedora and not the FQDN.

You should restart the SMTP Relay after making the change.

Cheers

Dave[/code]

[STXRich]

Thanks. It was indeed the hosts file screwing me up.
Must have gotten changed by something the other day.

Question, why should the relay be 172.16.1.0/255.255.255.0 ? I thought that was a strict IP range, which would cause it to allow any IP from 172.16.1.0 and higher? Or is it smart enough to just allow all 172.16.1.x ips?

-RIch-

[ScalixSupport]

http://en.wikipedia.org/wiki/Netmask#Network_masks is very good at explaining a netmask much better that I ever can :D

The comments in the smtpd.cfg file show

Code: Select all

# ########
# PATTERNS
# ########
#
# Hostname Patterns
#  - an IP address, eg 123.234.132.231
#  - an IP subnet and mask, eg 123.234.200.0/255.255.240.0
#  - a hostname, eg bert.loc.co.uk
#  - the end of a domain, eg .spammer.net
#  - the start of a domain, 123.234.
#  - the keyword ALL matches all hosts
#  - the keyword LOCAL matches all hosts that do not contain a .


It doesn't mention the ability to add a range of addresses in the form you specified.

Cheers

Dave