[CentOS] close open relay

Thu Nov 13 15:32:40 UTC 2008
David G. Miller <dave at davenjudy.org>

Jerry Geis <geisj at pagestation.com> wrote (with a few extraneous bits removed):

> ------------ Original Message ------------
>> >>>> Date: Wednesday, November 12, 2008 03:33:11 PM -0500
>> >>>> From: Jerry Geis <geisj at pagestation.com>
>> >>>> To: CentOS ML <centos at centos.org>
>> >>>> Subject: [CentOS] close open relay
>> >>>>
>> >>>> hi all, running centos 4.7 i686.
>> >>>>
>> >>>> I seem to have an open relay sendmail server.
>> >>>> How do I close it?
>> >>>>
>> >>>> I have the STRAIGHT centos install sendmail.mc file.
>> >>>> Only thing I changed was:
>> >>>> dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
>> >>>>
>> >>>> so as to allow incoming email and not just localhost. however
>> >>>> this seems to relay everyone.
>> >>>>
>> >>>> I looked at http://www.sendmail.org/tips/relaying but it just
>> >>>> talks about (AFAICT)
>> >>>> enabling specific relays to occur - not how to CLOSE the
>> >>>> relaying.
>> >>>>
>> >>>> How do I close the relay?
>> >>>>
>> >>>> Jerry
> >>> ------------ End Original Message ------------
....
> Sure enough I tried your test and that looks good...
>
> However, when I run this test:
> HELO example.com
> MAIL From: TheBoss at example.com
> RCPT To: geisj at pagestation.com
> DATA
> Subject: Think we're insecure...
> I have a feeling our mail server is being abused...
> ..
> QUIT
>
> and paste that into port 25 of my server (telnet I'm talking)
> I get the email and I should not (I presume) as I am not example.com.
>
> Jerry
The bottom of the file /etc/sendmail.mc should look like the following 
(change my domain, davenjudy.org, to whatever is appropriate for your 
domain).  This won't get rid of any open relay problems but will at 
least fix the "example.com" issue:

...
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
MASQUERADE_AS(`davenjudy.org')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
MASQUERADE_DOMAIN(local.davenjudy.org)dnl
MASQUERADE_DOMAIN(davenjudy.org)dnl

As for possibly having an open relay, you also want to make sure that 
the following line is commented out (has dnl at the beginning):

dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #

Finally, you'll need a line like:

FEATURE(`relay_entire_domain')dnl

DO NOT uncomment any of the other lines in sendmail.mc regarding relay 
settings unless you know what you're doing.  If you aren't sure what was 
changed from the default, remove the sendmail-cf rpm and reinstall it to 
get back to a clean, default sendmail.mc file.  It's a good idea to 
explicitly run make in /etc/mail and then bounce sendmail rather than 
let the sendmail startup script decide something has changed since it's 
easier to catch syntax errors that way.  Finally, get a free mail 
account at your provider of choice (Google, Hotmail, whoever) and use it 
for testing both sending and receiving mail.

Cheers,
Dave

-- 
Politics, n. Strife of interests masquerading as a contest of principles.
-- Ambrose Bierce
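
Added example, not part of the original message: a shell function that lists which relay-related FEATURE lines in a sendmail.mc are active, that is, not commented out with dnl, which is the check the reply asks for. The function name and the OPEN/WIDE/SCOPED labels are this example's own; promiscuous_relay, relay_local_from, relay_mail_from and loose_relay_check are standard sendmail cf features that the message does not mention, and the sample file is constructed.

```shell
#!/bin/sh
# audit_relay_features FILE
# Prints "<verdict> <feature>" for every relay FEATURE that is active
# (not dnl-commented) in a sendmail.mc file. Returns 1 if any active
# feature widens relaying beyond the configured local domains.
# Verdict labels are this example's own, not sendmail terminology.
audit_relay_features() {
    awk '
        /^[ \t]*dnl/ { next }                  # m4 comment line: feature is off
        match($0, /FEATURE\(`?[A-Za-z_]+/) {
            name = substr($0, RSTART, RLENGTH)
            sub(/^FEATURE\(`?/, "", name)      # keep only the feature name
            if (name == "promiscuous_relay")
                { print "OPEN", name; bad = 1 }
            else if (name ~ /^(relay_based_on_MX|relay_local_from|relay_mail_from|loose_relay_check)$/)
                { print "WIDE", name; bad = 1 }
            else if (name ~ /^relay_/)
                { print "SCOPED", name }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the relay lines from the message above plus one
# deliberately unsafe line, so that more than one verdict appears.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dnl FEATURE(`relay_based_on_MX')dnl
FEATURE(`relay_entire_domain')dnl
FEATURE(masquerade_entire_domain)dnl
FEATURE(`promiscuous_relay')dnl
EOF
audit_relay_features "$sample" || echo "relay settings need review"
rm -f "$sample"
```

Run it against the .mc source rather than the generated sendmail.cf, since the dnl comments only exist in the .mc file.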