how to close open relay

[manishie]

hi all,

here's the situation. in addition to local user mailboxes in scalix, i also use mailman. so scalix should look for the user first, then if there is no mailbox, it should hand the mail to sendmail which should hand it to mailman.

the problem is with the line in the scalix smtpd.cfg "RELAY Log_Reject ALL". if i leave that uncommented, then when scalix can't find the mailman aliases, instead of passing it off to sendmail, it rejects the mail. if i comment the line, then my server turns into an open relay, and the spammers take over.

i'm also using spamassasin, although i don't think that's causing the problem. here's a snippet from the smtpd.cfg file:
------------------------------------------------------
SMTPFILTER=TRUE
RELAY accept 127.0.0.1
RECIPIENT accept @mydomain.com

RELAY Log_Reject ALL

# extra rules added to prevent open relay usage
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
RECIPIENT Log_Reject *#*@*
------------------------------------------------------
ideas?

[kanderson]

What do you have in /etc/mail/local-host-names?

Kev.

[manishie]

my stupidity!

i had:
SMTPFILTER=TRUE
RELAY accept 127.0.0.1
RECIPIENT accept @mydomain.com
RELAY Log_Reject ALL

but i should have had:
SMTPFILTER=TRUE
RELAY accept 127.0.0.1
RELAY mydomain.com
RELAY Log_Reject ALL

the incorrect method at top was rejecting everything for my domain that wasn't a scalix account (e.g. my mailman addresses). the second correct method would accept anything addressed to my domain, and if scalix didn't find it as a scalix user, it would hand it off to sendmail, which would hand it to mailman.

mkm