Open relay warning issue

Luigi Rosa lists at luigirosa.com
Sun Jul 22 10:24:25 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think I have an idea on why sometimes amavisd issues a "Open relay? Nonlocal
recips but not originating" warning.

Consider this scenario.

I have many external servers of my customer. Each one of them has an alias
table that remaps local administrative accounts (root, logwatch...) to
lrosa at hypertrek.info, a local account on my mail server.

When I receive a message of this kind, amavisd issues a warning "Open relay?
Nonlocal recips but not originating: lrosa at hypertrek.info"

Those are the headers of one of such messages:


Return-Path: <root at saldflux.net>
Delivered-To: <lrosa at hypertrek.info>
Received: from mail.luigirosa.com
	by mail.luigirosa.com (Dovecot) with LMTP id KUlkEZm2C1BKDwAAP6OfHg
	for <lrosa at hypertrek.info>; Sun, 22 Jul 2012 10:15:21 +0200
Received: from localhost (mail.luigirosa.com [127.0.0.1])
	by mail.luigirosa.com (HyperTrek-Postfix) with ESMTP id 3WfzCs1wBYz1fhYw
	for <lrosa at hypertrek.info>; Sun, 22 Jul 2012 10:15:21 +0200 (CEST)
X-Virus-Scanned: amavisd-new at luigirosa.com
Received: from mail.luigirosa.com ([127.0.0.1])
	by localhost (mail.luigirosa.com [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id IL9ybQuEF0EB for <lrosa at hypertrek.info>;
	Sun, 22 Jul 2012 10:15:20 +0200 (CEST)
Received: from free.dsl.vodafone.it (free.dsl.vodafone.it [91.80.36.31])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.luigirosa.com (HyperTrek-Postfix) with ESMTPS id 3WfzCr4fn0z1fhYv
	for <lrosa at hypertrek.info>; Sun, 22 Jul 2012 10:15:20 +0200 (CEST)
Received: from mail.saldflux.net (net-188-219-236-122.cust.dsl.vodafone.it
[188.219.236.122])
	by free.dsl.vodafone.it  with ESMTP id q6M8FJM0023844-q6M8FJM1023844
	for <lrosa at hypertrek.info>; Sun, 22 Jul 2012 10:15:19 +0200
Received: from localhost (mail.saldflux.net [127.0.0.1])
	by mail.saldflux.net (Postfix) with ESMTP id 3WfzCq4v1Wz1Gh6d
	for <lrosa at hypertrek.info>; Sun, 22 Jul 2012 10:15:19 +0200 (CEST)
X-Virus-Scanned: amavisd-new at saldflux.net
Received: from mail.saldflux.net ([127.0.0.1])
	by localhost (mail.saldflux.net [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id T7Pm8XaSs93z for <lrosa at hypertrek.info>;
	Sun, 22 Jul 2012 10:15:19 +0200 (CEST)
Received: by mail.saldflux.net (Postfix, from userid 0)
	id 3WfzCq1KSPz1Gh6c; Sun, 22 Jul 2012 10:15:19 +0200 (CEST)
From: root at saldflux.net (Cron Daemon)
To: root at saldflux.net
Subject: Cron <root at mail>
Content-Type: text/plain; charset=UTF-8
Auto-Submitted: auto-generated
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>
Message-Id: <3WfzCq1KSPz1Gh6c at mail.saldflux.net>
Date: Sun, 22 Jul 2012 10:15:18 +0200 (CEST)



I think that the problem is that the finel recipient of the email translated
with sender alias table (lrosa at hypertrek.info) is not listed in the headers of
the message.

For reference here's the @local_domains_maps and @mynetworks


@local_domains_maps = ( [".$mydomain", "luigirosa.com", "hypertrek.info",
".hypertrek.info", ".mail.hypertrek.info", ".hypertrek.org",
".luigi.rosa.name", ".insconsulting.biz"] );  # list of all local domains

@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );




Ciao,
luigi

- -- 
/
+--[Luigi Rosa]--
\

Life would be so much easier if we could just look at the source code.
    --Dave Olson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlALuLEACgkQ3kWu7Tfl6ZRJwwCePPeOYJS2Qz4jI/JB8/EFhY1m
N+UAmgIofpYp1jW7kZBW0MpFE7O3H1i2
=kv5j
-----END PGP SIGNATURE-----


More information about the amavis-users mailing list