Email question
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Sat Jul 31 01:19:11 UTC 2004
Am Sa, den 31.07.2004 schrieb Jake McHenry um 2:44:
> I just deleted all files in queue, and already got some more: result of
> mailq ... started as pages and pages of this. if I get rid of virtusertable,
> mailq stays at 0.
Curious. Unfortunately you did not give an impression what you entered
into the virtusertable.
> /var/spool/mqueue (1 request)
> -----Q-ID----- --Size-- -Priority- ---Q-Time--- --------Sender/Recipient----
> ----
> i6V0dRbA009914* 2084 210559 Jul 30 20:39 <z3vsr.jcchg at foredu.com.cn>
> 8BITMIME
> <skywalk at cht.com.tw>
> <skywalker at lager.com.tw>
> <skywalk.liu at msa.hinet.net>
> <skyw70617 at yahoo.com.tw>
> <skywaker1126 at yahoo.com.tw>
> <skywalker0802 at yahoo.com.tw>
> <skyw1026 at yam.com>
> Total requests: 1
That looks really like SPAM attempts through an open relay. Do these
queued messages will sit there or will they be delivered if you do not
prevent this? I fear it is last case. If you do a relay test your own,
does it show your host as open?
> sendmail.mc file
That is not based on the default Fedora sendmail.mc. You run the Fedora
Sendmail 8.12.10 or 8.12.11?
> divert(-1)dnl
> include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
> VERSIONID(`setup for Red Hat Linux')dnl
> OSTYPE(`linux')dnl
> define(`confDEF_USER_ID',``8:12'')dnl
> define(`confTRUSTED_USER', `smmsp')dnl
^^^^^^^^^^^^^ This line is very bad and was in the default sendmail.mc
prior to Fedora. You should remove that as it breaks the security model
of Sendmail introduced with release 8.12.
> define(`confTO_CONNECT', `1m')dnl
> define(`confTRY_NULL_MX_LIST',true)dnl
> define(`confDONT_PROBE_INTERFACES',true)dnl
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> define(`ALIAS_FILE', `/etc/aliases')dnl
> define(`UUCP_MAILER_MAX', `2000000')dnl
> define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
> define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
> define(`confAUTH_OPTIONS', `A')dnl
> define(`confTO_IDENT', `0')dnl
> FEATURE(`no_default_msa',`dnl')dnl
> FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
> FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
> FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
The "-o" parameter is not good, although it is by default in the .mc
file of Fedora's Sendmail. But it prevents to see if there is something
going wrong with such a map file. At least for debugging change it to:
FEATURE(`mailertable')dnl
FEATURE(`virtusertable')
> FEATURE(redirect)dnl
> FEATURE(always_add_domain)dnl
> FEATURE(use_cw_file)dnl
> FEATURE(use_ct_file)dnl
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
> FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
> FEATURE(`blacklist_recipients')dnl
> EXPOSED_USER(`root')dnl
> DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
> LOCAL_DOMAIN(`localhost.localdomain')dnl
>
> MAILER(smtp)dnl
> MAILER(procmail)dnl
This rest is all default from the Redhat/Fedora sendmail.mc file. There
is no macro activated which configures Sendmail dangerously or even as
an open relay.
Your sendmail.cf is based on this .mc file? You have the sendmail-cf
package installed and a "make -C /etc/mail" does not print out errors? I
ask to be sure about these basics.
What about your submit.mc file, any changes there?
> access file
>
> # Check the /usr/share/doc/sendmail/README.cf file for a description
> # of the format of this file. (search for access_db in that file)
> # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
> # package.
> #
> # by default we allow relaying from localhost...
> localhost.localdomain RELAY
> localhost RELAY
> 127.0.0.1 RELAY
>
> 24.229.98.7 RELAY
Ok, that access_db is very basic and apart from last line contains only
the necessary 3 default lines for localhost. So there must be something
different that leads to the current situation. In a different thread you
mentioned you have DRAC running - how is that configured and activated?
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp
Serendipity 02:54:42 up 4 days, 12:01, load average: 0.31, 0.45, 0.34
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040731/b28b0d4f/attachment-0001.sig>
More information about the fedora-list
mailing list