Open Relays
Francis J. Lacoste
flacoste at logreport.org
Fri Feb 28 19:04:35 CET 2003
On mar, 2003-02-25 at 10:56, Beckie Pack wrote:
> Hello,
>
> I think your software is the coolest thing next to chocolate!
Thanks a lot!
>
> I'm not that familiar with the sendmail logs. I've tested my machine for
> open relays through the telnet 25 helo commands but I want to make
> absolutely sure. What should I look for in the sendmail log file?
Well, you should look for email that are relayed through your server,
that is email that come from a remote host and is develired to another
remote host.
Included with Lire is a report called 'top-deliveries-btw-relays' which
you can activate by adding the lines
=section Relaying
top-deliveries-btw-relays connection_to_show=30
to your report configuration file (email.cfg). Consult "Chapter 5:
Customizing Lire's Reports" for all the details.
In the generated report, you can then look for entries where the
receiving and destination relays are different than 'localhost'. These
entries are the hosts that relayed through your server. Now, this
doesn't mean that your server is an open relay. But if the sender's or
destination doesn't appear legitimate, then it is a bad smell.
Kind regards
Francis J. Lacoste
--
Francis J. Lacoste . . http://www.logreport.org
/^LogReport$/ . . flacoste at logreport.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.logreport.org/pipermail/questions/attachments/20030228/4d6c4514/attachment.bin
More information about the Questions
mailing list