james-server-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Randahl Fink Isaksen" <rand...@rockit.dk>
Subject RE: Relay prevention
Date Wed, 22 May 2002 08:28:48 GMT
Hi Serge (and others)


I am using JAMES version 2.0.a2. I have read that JAMES is not supposed
to be an open relay by default, but the trouble is, I can't really see
anything in my enclosed configuration that should be making JAMES relay
mails - but it does.
I really had to change the default configuration, by the way, since, as
I recall, it marks everything as spam unless it originates from
localhost (if you activate the so-called anti-relay mailet, which I
presumed you should).

Has anyone got a working config file which I could compare mine to?
Preferably one which allows you to send mail from another machine than
JAMES's localhost.


Yours,
Randahl

-----Original Message-----
From: Serge Knystautas [mailto:sergek@lokitech.com] 
Sent: Wednesday, May 22, 2002 01:13
To: James Users List
Subject: Re: Relay prevention

Randahl,

What version of James are you using?  The default installation is NOT an
open relayer.  Either you've commented out or modified something if
you're
seeing otherwise.  If you think that telneting in and sending a message
shows that your server is an open relay, then I would refer you to the
second question in our FAQ.  I can't speak to the auth problem... I have
heard from the list that people have had this working.  I would suggest
searching the mailing list archives for tips on how to get this working.

Serge Knystautas
Loki Technologies - Unstoppable Websites
http://www.lokitech.com/
----- Original Message -----
From: "Randahl Fink Isaksen" <randahl@rockit.dk>
To: <james-user@jakarta.apache.org>
Sent: Tuesday, May 21, 2002 5:50 PM
Subject: Relay prevention


> Hi
>
>
> I am having a hard time stopping james from relaying mails (see config
> file below). Here is my list of unsolved issues - I would really
> appreciate any constructive feedback:
>
> 1. I am using the SenderInFakeDomain matcher but it seems to have
> no effect. If I telnet to JAMES I can easily make JAMES send an e-mail
> using arbitrary sender addresses as in "mail from:x@qjeklxksjqjs.dk".
> JAMES just gives me an "OK" response.
> 2. I have tried many different parameters for
> RemoteAddrNotInNetwork in the so-called anti-relay mailet. Currently I
> am trying to send everything to the SPAM folder unless it comes from
> 127.0.0.1 (JAMES itself) or one of my local IPs, e.g. 10.0.0.23. This
> has no effect what so ever - I tested it with on-line relay-testers,
and
> even had a friend from another network telnet to my server, and he was
> able to send an e-mail aswell.
> 3. I tried setting authRequired to true, but this seems not to be
> compatible with MS Outlook which fails to authenticate (I have tried
> many different sensible settings). This is the solution which I would
> like the most, since I hope it would could enable me to check my JAMES
> account outside the office aswell.
>
> The fact that my JAMES installation is an open relay has caused me no
> problems (yet), but I really would like to put an effort into stopping
> the spammers who are actively abusing my installation. Urgent help
will
> be highly appreciated. My config file is included below.
>
> Thanks
>
>
> Randahl
>
>
> <?xml version="1.0"?>
> <config>
>
>   <!-- The James block  -->
>   <James>
> <!-- CHECKME! Set this to the right email address for error reports
-->
>       <postmaster>postmaster@rockit.dk</postmaster>
>
> <!-- CONFIRM? -->
>       <!-- servernames identifies the DNS namespace served by this
> instance
>       of James.
>       If autodetect is TRUE, James wil attempt to discover its own
name
> AND use
>       any specified servernames.  If autodetect is FALSE, James will
use
> only
>       the specified servernames.  By default, the servername
'localhost'
> is
>       specified. This can be removed, if required. -->
>       <servernames autodetect="FALSE">
>         <servername>rockit.dk</servername>
>         <!--
>         <servername>To override autodetected server names
>                     uncomment this.  </servername>
>         <servername>localhost</servername>-->
>       </servernames>
>
>       <!-- Set whether user names are case sensitive or insensitive
-->
>       <!-- Set whether to enable local aliases -->
>       <usernames ignoreCase="TRUE" enableAliases="TRUE"
>                                    enableForwarding="TRUE"/>
>
>
>
>       <!-- The inbox repository is the location for users inboxes -->
>       <!-- Default setting: file based repository - enter path ( :///
> for absolute) -->
>       <inboxRepository>
>         <repository destinationURL="file://var/mail/inboxes/"
>                     type="MAIL">
>         </repository>
>       </inboxRepository>
>       <!-- Alternative inbox repository definition for DB use. -->
>       <!--  The format for the destinationURL is
> "db://<data-source>/<table>"
>             - <data-source> is the datasource name set up in the
>                     database-connections block, below
>             - <table> is the name of the table to store user inboxes
in
>            The user name is used as <repositoryName> for this
repository
> config.
>
>            <inboxRepository>
>         <repository destinationURL="db://maildb/inbox/"
>                     type="MAIL">
>         </repository>
>       </inboxRepository>
>       -->
>   </James>
>
>   <!-- The James Spool Manager block  -->
>   <spoolmanager>
>
>
>       <!-- number of spool threads -->
>       <threads> 10 </threads>
>
>         <!-- Set the packages from which to load mailets and matches
-->
>         <mailetpackages>
>
> <mailetpackage>org.apache.james.transport.mailets</mailetpackage>
>         </mailetpackages>
>         <matcherpackages>
>
> <matcherpackage>org.apache.james.transport.matchers</matcherpackage>
>         </matcherpackages>
>
>         <!-- Processor CONFIGURATION SAMPLE:
>              root is the first processor all mails enter -->
>         <processor name="root">
>           <!-- Checks that the MAIL FROM command was for a valid
domain.
>           Important for spam prevention. -->
>           <!-- -->
>           <mailet match="SenderInFakeDomain" class="ToProcessor">
>             <processor> spam </processor>
>           </mailet>
>
>           <!-- Important check to avoid race conditions -->
>           <mailet match="RelayLimit=30" class="Null">
>           </mailet>
>
>           <!-- Check for delivery from a known spam server -->
>           <mailet match="InSpammerBlacklist=blackholes.mail-abuse.org"
>                   class="ToProcessor">
>             <processor> spam </processor>
>             <notice> Rejected - see  http://www.mail-abuse.org/rbl/
> </notice>
>           </mailet>
>
>           <mailet match="InSpammerBlacklist=dialups.mail-abuse.org"
>                   class="ToProcessor">
>             <processor> spam </processor>
>             <notice> Dialup - see http://www.mail-abuse.org/dul/
> </notice>
>           </mailet>
>
>           <mailet match="InSpammerBlacklist=relays.mail-abuse.org"
>                   class="ToProcessor">
>             <processor> spam </processor>
>             <notice> Open spam relay - see
> http://www.mail-abuse.org/rss/ </notice>
>           </mailet>
>
>           <!-- Sample matching to kill a message (send to Null) -->
>           <mailet match="RecipientIs=badboy@badhost" class="Null">
>           </mailet>
>
>           <!-- Sends remaining mails to the transport processor for
> either
>           local or remote delivery -->
>           <mailet match="All" class="ToProcessor">
>             <processor> transport </processor>
>           </mailet>
>         </processor>
>
>         <!-- Processor CONFIGURATION SAMPLE: error is the processor
> mails with
>         failure conditions enter -->
>         <processor name="error">
>           <!-- Logs any messages to the repository specified -->
>           <mailet match="All" class="ToRepository">
>             <repositoryPath> file://var/mail/error/</repositoryPath>
>             <!-- <repositoryPath> db://conf/mail-error.properties
> </repositoryPath> -->
>             <passThrough> true </passThrough>
>           </mailet>
>
>           <!-- If you want to notify the sender their message was
marked
> as
>           spam, uncomment this -->
>           <mailet match="All" class="NotifySender">
>           </mailet>
>           <!-- -->
>
>           <!-- If you want to notify the postmaster that a message was
> marked
>           as spam, uncomment this -->
>           <mailet match="All" class="NotifyPostmaster">
>           </mailet>
>           <!-- -->
>         </processor>
>
>         <!--  Processor CONFIGURATION SAMPLE: transport is a sample
> custom
>         processor for local or remote delivery -->
>         <processor name="transport">
>           <!-- Is the recipient is for a local account, deliver it
> locally -->
>           <mailet match="RecipientIsLocal" class="LocalDelivery">
>           </mailet>
>
>           <!-- If the host is handled by this server and it did not
get
>           locally delivered,  this is an invalid recipient -->
>           <mailet match="HostIsLocal" class="ToProcessor">
>             <processor>error</processor>
>           </mailet>
>
> <!-- CHECKME!
>     Anti-relay mailet: Add your network address here,
>     e.g. "RemoteAddrNotInNetwork=127.0.0.1, abc.de.*"
> -->
>
>           <!-- This matcher-mailet pair can prevent relaying... if you
> change
>           this,  you risk making your mail server an open relay point
> for
>           spammers .
>           NOTE 1: the order of matcher-mailets is important: it must
> come after
>           valid local recipients have been dealt with but before any
> attempt is
>           made to delivery the mail remotely.
>           NOTE 2: Add your own network, if you want to relay mail
> outwards
>           NOTE 3: If you use SMTP AUTH, you may want to comment this
>           so users who are on the road can still use the server -->
>           <mailet match="RemoteAddrNotInNetwork=127.0.0.1, 10.0.0.*"
> class="ToProcessor">
>             <processor>spam</processor>
>           </mailet>
>
>           <!-- Attempt remote delivery using the specified repository
> for the
>           spool,
>           using delay time to retry delivery and the maximum number of
>           retries -->
>           <mailet match="All" class="RemoteDelivery">
>             <outgoing> file://var/mail/outgoing/ </outgoing>
>             <!-- <outgoing> db://conf/mail-outgoing.properties
> </outgoing> -->
>             <delayTime> 21600000 </delayTime>
>             <maxRetries> 5 </maxRetries>
>           </mailet>
>         </processor>
>
>         <!--  Processor CONFIGURATION SAMPLE: spam is where messages
> detected
>         as relaying or other problems will get sent.  You can either
log
> these,
>         bounce these, or just ignore them. -->
>         <processor name="spam">
>           <!-- If you wanted, you could just destroy messages,
uncomment
> this
>           matcher/mailet
>           <mailet match="All" class="Null">
>           </mailet>
>           -->
>
>           <!-- If you want to notify the sender their message was
marked
> as
>           spam, uncomment this -->
>           <mailet match="All" class="NotifySender">
>           </mailet>
>           <!-- -->
>
>           <!-- If you want to notify the postmaster that a message was
> marked
>           as  spam, uncomment this-->
>           <mailet match="All" class="NotifyPostmaster">
>           </mailet>
>           <!-- -->
>
>           <!-- Out of the box, this will log the message to a
repository
> -->
>           <mailet match="All" class="ToRepository">
>             <repositoryPath>file://var/mail/spam/</repositoryPath>
>           </mailet>
>         </processor>
>   </spoolmanager>
>
>
>   <smtpserver>
>         <port>25</port>
>         <!--<bind></bind> uncomment this if you want to bind to a
> specific
>         inetaddress -->
>         <!--<useTLS>TRUE</useTLS>uncomment this if you want to use TLS
> (SSL)
>         on this port -->
>         <handler>
>           <!-- helloName is the single host name this instance of
James
> will
>           use to identify itself  for example, in SMTP and POP3
> greetings. If
>           autodetect is TRUE, James will attempt to discover its own
> name OR
>           use 'localhost'. If autodetect is FALSE, James will use the
> value
>           given OR 'localhost' -->
>           <helloName autodetect="FALSE">ROCK IT Mail
Server</helloName>
>           <connectiontimeout>360000</connectiontimeout>
>
>         <authRequired>false</authRequired><!-- uncomment this if you
> want
>           SMTP AUTH support. This is useful if you have users who need
> to use
>           the email server on the road, while not having your server
act
> as an
>           open relay! -->
>
>         <verifyIdentity>true</verifyIdentity><!-- uncomment this if
you
> want
>           to verify that the MAIL FROM: address is the same user that
>           authenticated. This prevents a user of your mail server from
> acting
>           as somebody else -->
>
>           <!-- This sets the maximum allowed message size for the
> smtphandler
>           in KBytes. The value defaults to 0, which means no limit.
-->
>           <maxmessagesize>0</maxmessagesize>
>
>         </handler>
>   </smtpserver>
>
>
>
> </config>
>
>
>


--
To unsubscribe, e-mail:
<mailto:james-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:james-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:james-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-user-help@jakarta.apache.org>


Mime
View raw message