Re: Bad-Clients: definitely not working

In article <4470F9EF.682E6BE4@xxxxxxxxxxxx>, JF Mezei
<jfmezei.spamnot@xxxxxxxxxxxx> writes:

Phillip Helbig---remove CLOTHES to reply wrote:
Then I would have to put EVERY IP I receive email from in the
good-clients list.

Nop. The good clients list is to define your local LAN so that hosts in
the good client list can relay to the outside world. Those outside the
good clients list cannot relay to the outside world. The outside workd
is defined by the "Relay -Zones:" line in the config file which defines
to whom peoople in the world can send email to via your SMTP server
without it being considered a "relay"

OK, now that you say so, it makes sense. From the documentation, one
gets the impression that it is somehow complementary to the Bad-Clients
list.

AKA: if the TCPIP SHOW CONF SMTP says "RELAY" , then you must define the
good clients and the relay zones to make your server functional AND
safe. Without both, then people can use your server as a relay server to
send hundreds of billions of spam messages (unless you are on a microvax
II where they will only be able to send dozens of spams :-)

I always have RELAY disabled. All my nodes send mail through an
external SMTP server (i.e. I don't have any nodes which aren't directly
connected to the internet for SMTP).

The Bad Clients: is acted upon right at the connection establishent
before the client can issue any commands. In your case, it appears that
the software ignores the bad clients because of an implicit good clients
that encompasses everything.

Yes. I think this is a bug, either in the software (my point of view)
or in the documentation.

Normally, people want to stop spam. Normally, they don't want to be a
relay. So the first place they look is Bad-Clients. Then it doesn't
work. The documentation doesn't say that it only works if there is a
Good-Clients defined as well. (Apparently, it doesn't matter what's in
it, it just has to exist; I don't even have RELAY switched on anywhere.)

The whole point of the good-clients list is to define which hosts can
send email to hosts that are not in your domain (aka: relay). Hosts that
are not considered "good clients" can only send email to your domain.

Is this mentioned ANYWHERE in the documentation?

.

Relevant Pages

  • Re: Linux 2.4 TCP Performance Problem?
    ... bandwidth between the affected hosts with iperf and it is> 90Mbit. ... > From Server A, I'm generating a stream of data that is extremely ... > are multiple clients connecting to Server A, ... > more of the clients. ...
    (comp.os.linux.networking)
  • Re: handle events on server
    ... I can see what you mean, your test did fail in the same way. ... my set-up the firewall on my machine which hosts the server is not ... I know this because my samples work with clients on other remote ... utilise remoting to use this outgoing connection to contact my server ...
    (microsoft.public.dotnet.framework.remoting)
  • Re: Tightening E-Mail
    ... folder should usually be empty if no relay is taking place). ... You should also check your clients for infections of viruses that may ... relay based on the server config. ... > outbound versus the reports shown by my SPAM software (GFI ...
    (microsoft.public.windows.server.sbs)
  • Re: Help with POP3 Setup
    ... when you send a mail by using a POP3 account, you are in fact using SMTP ... to your exchange server. ... You can solve this by either allowing your clients to relay messages ...
    (microsoft.public.exchange.setup)
  • Re: Accessing hosted domains inside a LAN
    ... > Yes I have set up named-based virtual hosts in the Apache config file. ... a different IP number from inside clients? ... inside number in an entry for the server name in /etc/hosts ... If you have enough machines to make this impractical ...
    (Fedora)