550 Denied due to spam list - please help....

gregwatson · Postby **gregwatson** » Thu Aug 24, 2006 4:34 am

"Community Geek" ??

Florian

Has LDAP integration changed much recently compared with the articles I was reading in the forum? For example is there the ability to work live from another LDAP server (eg so that authentication is done against an existing LDAP/samba database) instead of having to use the ldapsync thing at regular intervals?

The ideal for us would be to have our central LDAP database providing authentication for everything without needing to run omldapsync... Or is omldapsync still required?

Thanks
Greg

gregwatson · Postby **gregwatson** » Thu Aug 24, 2006 4:45 am

Just reading man om_ldap right now...

But wondering if there's any way to manage without using om_ldapsync at all, ever. I guess not?

gregwatson · Postby **gregwatson** » Thu Aug 24, 2006 5:06 am

It's a shame there is no "How To" on setting up external LDAP authentication. I can see that there is probably sufficient information scattered around the forum and the man pages but it's going to take a while to collect it all together...

florian · Postby **florian** » Thu Aug 24, 2006 1:33 pm

you don't need omldapsync - this would create accounts in scalix based on ldap accounts. if you don't use it, you'll have to manually make sure that then authentication id matches the ldap search criteria - this happens automatically when you create the users with omldapsync.

i absolutely agree about the docs - it's too scattered, however our doc people are extremely busy getting done what has to be done for the scalix 11 update.

can i make a proposal? :-)

I'll give a scalix t-shirt to the first person who creates a meaningful wiki how-to summary for setting up LDAP authentication.

test will be me setting it up losing all my memory beforehand and just following it through step-by-step! :.-)

Any contestants?

Cheers,
Florian.

peg110 · Postby **peg110** » Mon Nov 20, 2006 12:01 pm

ok, I have followed this thread to try and resolve a 550 Denied due to spam list that I keep getting.

As others have stated I can send using the Web interface (IMAP) but I am unable to send via MS Outlook. Everything gets a "550 Denied due to spam list" error.

I have several domains providing email for and have added them in the /var/opt/scalix/sys/smtpd.cfg file as well as IP addresses.

Code: Select all

RELAY accept 127.0.0.1
RELAY accept HOSTNAME.mydomain.com
RELAY accept .mydomain2.com
RELAY accept .mydomain3.com
RELAY accept .mydomain4.com
RELAY accept 192.168.254.
RELAY accept 123.234.235.123

The first one is for the local host. I added the secondone (the fqdn of the server). Then the subsequent domains I service. None of these resolved the problem. I then added my INTERNAL network IDs (originally I just had the few IP Addresses that would/could use the server for mail but then used the block) and finally I added my external IP address.

Each change I did the following:

Code: Select all

omoff -d0 -w smtpd
omon -w smtpd

Still I get the 550 error.

What am I doing wrong? HELP!

P.S. I do like everything so far about the Scalix server (well accept this problem) and once I have figured it out completely (or at least enough) I will likely upgrade from the community version).

florian · Postby **florian** » Mon Nov 20, 2006 12:06 pm

Are you using Outlook via Scalix Connect or via IMAP/SMTP?

Florian.

peg110 · Postby **peg110** » Mon Nov 20, 2006 12:09 pm

florian wrote:Are you using Outlook via Scalix Connect or via IMAP/SMTP?

Florian.

I am using the IMAP/SMTP when I am away from home and POP3 when I am at home. (POP3 set to keep messages on server until deleted from Outlook)

florian · Postby **florian** » Mon Nov 20, 2006 12:11 pm

did you set Outook to authenticate via SMTP? (Not even sure if it is able to do that....)

If you access the system from the outside, you can obviously not allow Outlook to relay through the scalix server, so you must set it up to authenticate via SMTP using your user name and password before sending. This will allow the relay action.

Florian.

peg110 · Postby **peg110** » Mon Nov 20, 2006 12:21 pm

florian wrote:did you set Outook to authenticate via SMTP? (Not even sure if it is able to do that....)

Yes Outlook is able to do that, and No I did not set it up that way. After making that change, it seems to have solved the problem.

I guess my next question is do I need all those "RELAY" lines in the smtpd.cfg? Are the harmful to leave in if not really needed?

Thanks again.

florian · Postby **florian** » Mon Nov 20, 2006 12:26 pm

well, they would allow anyone coming from one of these addresses to relay without authentication, so to send via your server.

normally this should certainly be restricted to your internal domain/network, if at all.

what must be put in there for scalix 10 is the hostname/ip address of your machine running the SWA server. if this is on the same machine, it must be listed (NOT as localhost)

generally, as long as everything works for you, it is best to cut down the relay list to the bare necessary mimimum, to avoid any trojans or other worms to use your scalix server as a spam relay.

Florian.

peg110 · Postby **peg110** » Sat Nov 25, 2006 8:47 pm

Ok... It's back again.. All messages going outside the domain from an outlook client (pop3) are being blocked 550 Denied due to spam list

I have the following in the RELAY list (/var/opt/scalix/sys/smtpd.cfg )

Code: Select all

SMTPFILTER=TRUE
RELAY accept 127.0.0.1
RELAY accept HOSTNAME.mydomain.com
RELAY accept .mydomain2.com
RELAY accept .mydomain3.com
RELAY accept .mydomain4.com
RELAY accept 192.168.254.
RELAY accept 123.234.235.123

Users are set to send authentication with smtp traffic as well. It seemed like it was working for awhile but now it's not.

What am I missing?

rtrice81 · Postby **rtrice81** » Mon Nov 27, 2006 10:56 am

i know this is not the correct way, but i block out

the RELAY rejects all line and it works fine for me

this will work until we find out what we are missing

Richie

rtrice81 · Postby **rtrice81** » Mon Nov 27, 2006 10:56 am

i know this is not the correct way, but i block out

the RELAY rejects all line and it works fine for me

this will work until we find out what we are missing

Richie

florian · Postby **florian** » Mon Nov 27, 2006 11:02 am

well, this might make your system an open relay - so if the box is available from the internet, you'll end up on a lot of blacklists pretty soon and probably no longer receive any decent email. spammers might start loving you, though. Relaying should be restricted as tightly as possible.

Florian.

rtrice81 · Postby **rtrice81** » Mon Nov 27, 2006 11:10 am

florian wrote:well, this might make your system an open relay - so if the box is available from the internet, you'll end up on a lot of blacklists pretty soon and probably no longer receive any decent email. spammers might start loving you, though. Relaying should be restricted as tightly as possible.

Florian.

yeah, but i how do you get the other working, i am not the only one that seems not to be able to get it working

Scalix Forums

550 Denied due to spam list - please help....

Who is online