unable to apply changes in smtpd.cfg

[panama]

Hi,

I have been trying to prevent anonymous messages from clients in my domain. I added these lines in my smtpd.cfg:

# Prevent anonymous connections from my.com
ANONYMOUS Log_Reject .my.com
ANONYMOUS Accept ALL

I restarted smtpd:
omoff -d0 -w smtpd
omon smptd

Just in case I also restarted sendmail:
service sendmail restart

After those actions I still can send anonymous messages from clients in my domain. I appreciate any sugestions from you. The smtpd.cfg file is by default a read only, do I have to change the permissions on this file?.

My system:
CentOS 4.4
Scalix 11.0.4

Thanks for helping.

[ScalixSupport]

Hi Panama!

By default in the file /var/opt/scalix/??/s/sys/smtpd.cfg for anonymous, entry available is as
below:
ANONYMOUS Log_Reject ALL
this rejects all anonymous connections, why should we specifically mention each domain
for rejection.

Thanks,
Subir

[panama]

Hi,

Thanks Subir for your response.

Well, I know about what you mention, but even if I have the default line rejecting all anonymous attempts to send a message, I still can send messages from an anonymous user, as any user whitin my domain. For that reason I tried:

ANONYMOUS Log_Reject .my.com

When I do any other changes in smtpd.cfg and restart smtpd the changes seems are not applying. Any ideas?

Thanks in advance.

[panama]

Ok, this is what I mean (My comments begins with #):

telnet mail.mydomain.com 25
220 intranet.mydomain.com ESMTP Scalix SMTP Relay 11.0.4.10790; Thu, 07 Jun
2007 10:01:56 -0500 (EST)
##I would like to avoid this also putting another message, is it possible?.

ehlo
501 ehlo requires domain address
ehlo mail.mydomain.com
250-intranet.mydomain.com Hello [192.168.119.94], pleased to meet you
250-AUTH CRAM-MD5 LOGIN DIGEST-MD5 GSSAPI PLAIN
250-AUTH=LOGIN
250-DSN
250 8BITMIME
mail from: spam@mydomain.com
250 spam@mydomain.com... Sender ok
## I tried ANONYMOUS Reject .mydomain.com in order to reject all anonymous
## connections from clients in my domain, but as you can see it's not working.

rcpt to: valid_user@mydomain.com
250 2.1.5 valid_user@mydomain.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself (relay)
subject: I don't want to allow this
.
250 2.0.0 l57F2VB9005290 Message accepted for delivery

I would like to block this, what kind of rule do I have to write to smtpd.cfg?.

I appreciate your help. Thank you.

[ScalixSupport]

Hi Panama!

I assume that the machine from which you are telnetting the Scalix Server comes under
mydomain.com and since all hosts within this domain are allowed to relay through a Relay
accept line in the smtpd.cfg file, so you are able to send mails using telnet at port 25. I hope
you got my point.

Try sending mails from a client machine outside the domain mydomain.com and see if that
works, you should get your answer.

Thanks,
Subir

[panama]

Hi,

You were correct I was telneting from a pc inside mydomain. So I tried from outside and I could send mails as well.
Any ideas?

Thanks.

[ScalixSupport]

With my default file /var/opt/scalix/??/s/sys/smtpd.cfg for anonymous, entry available is as
below:

Code: Select all

ANONYMOUS Log_Reject ALL

and when I try to

mail from: abc@def.com
rcpt to: <my gmail ID>
550 denied due to spam list

So as an anonymous user I am unable to use my test mail server for relaying. I connected
to the mail server from outside the domain where my mail server is.

Try this, see if it works.

Thanks,
Subir

[panama]

Thanks Subir.

I tried what you suggest and that's fine. However what I would like to do is avoid that someone from outside could send emails inside my domain to other valid users in my domain.

For example I could do the following from internet to my server:

mail from: spam@mydomain.com
250 spam@mydomain.com... Sender ok
rcpt to: valid_user@mydomain.com
250 2.1.5 valid_user@mydomain.com... Recipient ok

Thanks in advance.