Mailing List Archive

Relay
I find this strange (sorry for my step by step explanation,but I'm no
qmail expert):

In order to prevent SPAM I have a rcpthosts file with all the domains I
receive email for. But then I block out a customer that I receive email
for, but who runs his own domain on another computer.

Turn on relaying, I thought. FAQ 5.4 should do it. But alas no. I tried
tcp_wrappers. I tried to get the source to tcp_wrappers and turn on
hosts_options. I tried installing tcp_server. But no matter what I do,
qmail responds: Sorry, the recepeint doesn't seem to be in my rcpthosts
(or something like that).

What can I do to return to the correct path?
Re: Relay [ In reply to ]
Kaare Rasmussen <kar@webline.dk> writes:

> In order to prevent SPAM I have a rcpthosts file with all the domains I
> receive email for. But then I block out a customer that I receive email
> for, but who runs his own domain on another computer.

Put hosts you are MX for in rcpthosts.

For instance, my primary mail machine is mail.flame.org, and has
this in the rcpthosts file:

localhost
flame.org
.flame.org

My secondary, mail2.flame.org, also has:

localhost
flame.org
.flame.org

in the rcpthosts file, but the important difference is, the secondary
does _NOT_ have flame.org or .flame.org in its locals file.

Is that the sort of thing you are trying to do? Receive mail for some
other domain, but not allow general relaying, or are you talking about
OUTGOING mail rather than INCOMING?

--Michael
Re: Relay [ In reply to ]
On Tue, Jun 15, 1999 at 02:50:28PM +0200, Dimitri SZAJMAN wrote:

man tcprules

> Hi !
>
> I am using ucspi to accept relaying for a certain class of IP. I recently
> added a new class in /etc/tcp.smtp but qmail doesnt relay for this class. I
> think I have to "compile" this file, but how (like m4 with sendmail I
> suppose)...

--
Anand
Re: relay [ In reply to ]
On Sat, Nov 27, 1999 at 06:24:28PM +0100, Hans Sansdalen wrote:
> Hi
>
> I'm used to sendmail, the the response "We do not relay" when
> people use "%...@domain" in the to field. I have tried to
> make qmail give some response of the same kind, but I haven't
> succeded. Tried the wildmat-0.2-patch, but it was not for version
> 1.03?

qmail does not support the percenthack per default.
You have to manually add support for it by creating
/var/qmail/control/percenthack. So no worries.

Or do is your main concern HOW the message is bounced?

Then:

If a mail to hans%sansdalen.com@yourdomain.net is getting in, it will
probably be catched by ~alias/.qmail-default (depending how you handle
the mail).

You could do this at one line in that very .qmail-file:

| perl -e 'if ($ENV{DEFAULT} =~ /\%/) { print "We do not relay";exit 100;}

which checks the address and bounces them containing a %.

> I have installed qmail-1.03-antispam4-b1.diff, but I'm not shure
> how to use it, and if it will help me.

Neither am I.

> Any suggestions?

Lykke till.

/magnus - kvarts norsk.

--
http://x42.com/
Re: relay [ In reply to ]
Magnus Bodin writes:
> You could do this at one line in that very .qmail-file:
>
> | perl -e 'if ($ENV{DEFAULT} =~ /\%/) { print "We do not relay";exit 100;}
>
> which checks the address and bounces them containing a %.

The problem is that the SMTP server accepts the message. Most relay
checkers don't bother to see if the mail gets bounced later. They
presume that an accepted message is a relayed message.

--
-russ nelson <sig@russnelson.com> http://russnelson.com
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
Re: relay [ In reply to ]
At 19:30 27.11.99 +0100, Magnus Bodin wrote:
>On Sat, Nov 27, 1999 at 06:24:28PM +0100, Hans Sansdalen wrote:
>> Hi
>>
>> I'm used to sendmail, the the response "We do not relay" when
>> people use "%...@domain" in the to field. I have tried to
>> make qmail give some response of the same kind, but I haven't
>> succeded. Tried the wildmat-0.2-patch, but it was not for version
>> 1.03?
>
>qmail does not support the percenthack per default.
>You have to manually add support for it by creating
>/var/qmail/control/percenthack. So no worries.

I created the file. Is that all? I could not find it documented
anywhere? Is an empty file enough?

I want an email with a "to" address with ".*%.*@.*" to be rejected.

>
>Or do is your main concern HOW the message is bounced?
>
>Then:
>
>If a mail to hans%sansdalen.com@yourdomain.net is getting in, it will
>probably be catched by ~alias/.qmail-default (depending how you handle
>the mail).
>
>You could do this at one line in that very .qmail-file:
>
>| perl -e 'if ($ENV{DEFAULT} =~ /\%/) { print "We do not relay";exit 100;}
>
>which checks the address and bounces them containing a %.
>
>> I have installed qmail-1.03-antispam4-b1.diff, but I'm not shure
>> how to use it, and if it will help me.
>
>Neither am I.
>
>> Any suggestions?
>
>Lykke till.
>
>/magnus - kvarts norsk.

:), thanks magnus...


>
>--
>http://x42.com/
>
>
Re: relay [ In reply to ]
On Sun, Nov 28, 1999 at 11:42:45AM +0100, Hans Sansdalen wrote:
> At 19:30 27.11.99 +0100, Magnus Bodin wrote:
> >On Sat, Nov 27, 1999 at 06:24:28PM +0100, Hans Sansdalen wrote:
> >> Hi
> >>
> >> I'm used to sendmail, the the response "We do not relay" when
> >> people use "%...@domain" in the to field. I have tried to
> >> make qmail give some response of the same kind, but I haven't
> >> succeded. Tried the wildmat-0.2-patch, but it was not for version
> >> 1.03?
> >
> >qmail does not support the percenthack per default.
> >You have to manually add support for it by creating
> >/var/qmail/control/percenthack. So no worries.
>
> I created the file. Is that all? I could not find it documented
> anywhere? Is an empty file enough?
>
> I want an email with a "to" address with ".*%.*@.*" to be rejected.

You should NOT create the file if you want these to be rejected.
As I said: "qmail does not support the percenthack per default."

So if you want to reject this, then remove the percenthack file.
(But if you want to support it, yes an empty file is enough).

If you want to REJECT the mails, then you must patch qmail. (I don't know
the patch you need).

But if you can live with just bouncing them, then look at my former
suggestion.

/magnus

--
http://x42.com/
Re: relay [ In reply to ]
At 12:10 28.11.99 +0100, Magnus Bodin wrote:
>On Sun, Nov 28, 1999 at 11:42:45AM +0100, Hans Sansdalen wrote:
>> At 19:30 27.11.99 +0100, Magnus Bodin wrote:
>> >On Sat, Nov 27, 1999 at 06:24:28PM +0100, Hans Sansdalen wrote:
>> >> Hi
>> >>
>> >> I'm used to sendmail, the the response "We do not relay" when
>> >> people use "%...@domain" in the to field. I have tried to
>> >> make qmail give some response of the same kind, but I haven't
>> >> succeded. Tried the wildmat-0.2-patch, but it was not for version
>> >> 1.03?
>> >
>> >qmail does not support the percenthack per default.
>> >You have to manually add support for it by creating
>> >/var/qmail/control/percenthack. So no worries.
>>
>> I created the file. Is that all? I could not find it documented
>> anywhere? Is an empty file enough?
>>
>> I want an email with a "to" address with ".*%.*@.*" to be rejected.
>
>You should NOT create the file if you want these to be rejected.
>As I said: "qmail does not support the percenthack per default."
>
>So if you want to reject this, then remove the percenthack file.
>(But if you want to support it, yes an empty file is enough).
>
>If you want to REJECT the mails, then you must patch qmail. (I don't know
>the patch you need).
>

Anyone have an idea? And if, where do I find it?

Tried to use the wildmat-0.2 patch (with uses a file badmailpatterns), but
that was not for qmail-1.03.

>But if you can live with just bouncing them, then look at my former
>suggestion.
>
>/magnus
>
>--
>http://x42.com/
>
>
Re: relay [ In reply to ]
On Sat, 27 Nov 1999 18:24:28 +0100, Hans Sansdalen wrote:

>I'm used to sendmail, the the response "We do not relay" when
>people use "%...@domain" in the to field. I have tried to
>make qmail give some response of the same kind, but I haven't

What's wrong with:

| echo "$LOCAL" | grep -v '%' >/dev/null 2>&1 || { echo "We do not
relay"; exit 100; }

in ~alias/.qmail-default


-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
Re: relay [ In reply to ]
Fred Lindberg wrote:
>
> On Sat, 27 Nov 1999 18:24:28 +0100, Hans Sansdalen wrote:
>
> >I'm used to sendmail, the the response "We do not relay" when
> >people use "%...@domain" in the to field. I have tried to
> >make qmail give some response of the same kind, but I haven't
>
> What's wrong with:
>
> | echo "$LOCAL" | grep -v '%' >/dev/null 2>&1 || { echo "We do not
> relay"; exit 100; }
>
> in ~alias/.qmail-default
>
> -Sincerely, Fred
>
> (Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)

I would prefer a solution where qmail responded with this message
when it is talking to the "other end" (not accept the mail at all).

qmail does not accept a mail when the from field is in the
badmailfrom file :)
--
/hans
Re: relay [ In reply to ]
On Sun, 28 Nov 1999, Hans Sansdalen wrote:

[snip]
> >qmail does not support the percenthack per default.
> >You have to manually add support for it by creating
> >/var/qmail/control/percenthack. So no worries.
>
> I created the file. Is that all? I could not find it documented
> anywhere? Is an empty file enough?

For any of qmail's control files "man qmail-control" is your friend.
It'll tell you which control file gets read by which program.

> I want an email with a "to" address with ".*%.*@.*" to be rejected.

So if someone has an address which happens to have a "%" in it (which is
completely legal in the local part) you want to refuse delivery? Or only
for local deliveries? The reason that the control file is called
percenthack, is that it's not a standard, it's just a kludge to ask a
particular host to relay to somewhere else, originally as a gateway to
some other mail system. If that host doesn't know about the expected
meaning of the percent hack, it will attempt to deliver it locally.

The "problem" is as Russ has said that certain (all, that I've seen)
relay-checking code assumes that acceptance of the percent-hacked address
implies that the host will relay. As qmail accepts (almost) everything
and checks it later, the bounce refusing to relay is generated later.

[snip]

--
"Life is much too important to be taken seriously."
Thomas Erskine <thomas.erskine-dated-sig@crc.ca> (613) 998-2836
Re: relay [ In reply to ]
On Mon, 29 Nov 1999 09:33:14 +0100, Hans Sandsdalen wrote:

>I would prefer a solution where qmail responded with this message
>when it is talking to the "other end" (not accept the mail at all).
>
>qmail does not accept a mail when the from field is in the
>badmailfrom file :)

qmail-smtpd.c. Look at badmailfrom implementation. Your hack is a
simpler version. All you do is check if '%' is in the recpient address.


-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
Re: Relay [ In reply to ]
Thus said Michael on Thu, 06 Aug 2015 11:51:02 -0400:

> I need the qmail server to relay for the domain *auranetix.com

Do you mean *.auranetix.com or *auranetix.com?

The file that controls the domains for which qmail-smtpd will allow
relaying is rcpthosts (man qmail-smtpd).

Thanks,

Andy
--
TAI64 timestamp: 4000000055c43ffc