Open relay from localhost and other questions
Robert Moskowitz
rgm at htt-consult.com
Mon Apr 24 16:40:36 CEST 2017
On 04/22/2017 01:00 AM, Benny Pedersen wrote:
> Robert Moskowitz skrev den 2017-04-21 21:16:
>
>> Been doing some research. mynetworks should stop the localhost from
>> seeming like an Open relay. I don't have this problem on my old
>> production server. I am researching it.
>
> check originating policy banks in amavisd, make sure local originated
> emails is gone into this bank in amavisd, this is important else it
> would be seen as a relay host and all sorts of fake msgs :=)
>
> and for xforward in mta as well to help solve it
>
> i dont use amavisd anymore, so cant help more with it
I have just done more testing, and cannot get this working. I even
copied exactly what I have for @mynetworks from my old system, and made
the change right were the default in amavis.conf is instead of appending
it to the end. No change.
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
And this server is at: 192.168.192.14/24
The old system is running: amavisd-new-2.6.4-2.el6
and the new one: amavisd-new-2.10.1-5.el7
Also BOTH .confs define policy_bank as:
$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
originating => 1, # is true in MYNETS by default, but let's make it
explicit
os_fingerprint_method => undef, # don't query p0f for internal clients
};
And no where is MYNETS defined on either system's .conf
? Puzzled
WAIT!!!
The old server is at: 50.253.254.3/28
and that is not EVEN in @mynetworks!
And the other servers are on 50.253.254.0/28 and they do not get the
Open Relay message!
Something else is at work here...
More information about the amavis-users
mailing list