Help to setup just to be a BACKUP MX SMTP & no spam rela

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
chapyn
New user
New user
Posts: 10
Joined: 2007-03-29 16:42

Help to setup just to be a BACKUP MX SMTP & no spam rela

Post by chapyn » 2007-03-29 16:55

First of All,
this is my first message in the forum.
I want to say Hello everybody!
Ok Hmailserver guru, I need you help to be sure that my Mx backup SMTP is secure. I dont want that spammer use my backup mail server and i just want that all the email just can send to my main mail server (Exchange 2003)!

I did some test in open relay :

WebSite : http://www.aupads.org/

Result :
Mail relay testing
Connecting to mail2.xxxx.com for relay test...
>>> HELO antispam-ufrj.pads.ufrj.br
<<< 220 mail2.xxxx.com ESMTP
Relay test 1
>>> RSET
<<< 250 Hello.
>>> MAIL FROM: <spamtest@antispam-ufrj.pads.ufrj.br>
<<< 250 OK
>>> RCPT TO: <relaytest@antispam-ufrj.pads.ufrj.br>
<<< 250 OK

>>> QUIT
<<< 530 SMTP authentication is required.
Relay test result
Ops!!! Host appeared to accept a message relay, but it may or not may a positive open relay. I need procced a complete test, sending a test message to probe it. This anonymous user test did not send a test message.


WebSite : http://www.mob.net/

result :

Connecting to mail2.xxxxx.com ...
<<< 220 mail2.xxxxx.com ESMTP
>>> HELO godfather.mob.net
<<< 250 Hello.
>>> MAIL FROM:
<<< 250 OK
>>> RCPT TO:
<<< 530 SMTP authentication is required.


In my main mail server that i do not setup with the test open relay :

WebSite : http://www.mob.net/

Connecting to mail.xxxxx.com ...
<<< 220 yyyyyy.xxxxxxx.local SMTP Server ready
>>> HELO godfather.mob.net
<<< 250 yyyyyy.xxxxxxx.local yyyyyy.xxxxxxx.local Hello 207-191-194-245.cpe.ats.mcleodusa.net [207-191-194-245.cpe.ats.mcleodusa.net/207.191.194.245], Pleased to meet you
>>> MAIL FROM:
<<< 250 yyyyyy.xxxxxxx.local 2.1.0 ... Sender ok
>>> RCPT TO:
<<< 551 yyyyyy.xxxxxxx.local 5.7.1
ConfirmedOpenRelay1@mob.net... SMTP Relay Denied


Why in my mail2.xxx.com the test is not SMTP Relay Denied? How Can i setup my mail2.xxx.com to be SMTP Relay Denied?

Thanks for your help!
Last edited by chapyn on 2007-03-30 15:47, edited 1 time in total.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2007-03-29 18:01

I wonder if that first test is really run properly. It looks a bit strange to me.

Are you running some other SMTP software in front of hMailServer, such as ASSP or something similar?

Can you enable SMTP logging in hMailServer, re-run the test and then post the SMTP log here?

chapyn
New user
New user
Posts: 10
Joined: 2007-03-29 16:42

Post by chapyn » 2007-03-29 18:16

No SMTP software only Hmailserver is running

"DEBUG" 1920 "2007-03-29 11:59:37.921" "GreyListCleanerTask::DoWork()"
"TCPIP" 2024 "2007-03-29 12:00:17.421" "Created accept socket 1460 on listening socket 1128"
"DEBUG" 2024 "2007-03-29 12:00:17.421" "Socket::Socket(ID: 93)"
"SMTPD" 2024 93 "2007-03-29 12:00:17.421" "146.164.48.5" "SENT: 220 mail2.xxxxx.com ESMTP"
"SMTPD" 2016 93 "2007-03-29 12:00:18.421" "146.164.48.5" "RECEIVED: HELO antispam-ufrj.pads.ufrj.br"
"SMTPD" 2016 93 "2007-03-29 12:00:18.421" "146.164.48.5" "SENT: 250 Hello."
"SMTPD" 2016 93 "2007-03-29 12:00:19.687" "146.164.48.5" "RECEIVED: RSET"
"SMTPD" 2016 93 "2007-03-29 12:00:19.687" "146.164.48.5" "SENT: 250 OK"
"SMTPD" 2016 93 "2007-03-29 12:00:20.843" "146.164.48.5" "RECEIVED: MAIL FROM: <spamtest@antispam-ufrj.pads.ufrj.br>"
"SMTPD" 2016 93 "2007-03-29 12:00:20.843" "146.164.48.5" "SENT: 250 OK"
"SMTPD" 2016 93 "2007-03-29 12:00:21.953" "146.164.48.5" "RECEIVED: RCPT TO: <relaytest@antispam-ufrj.pads.ufrj.br>"
"SMTPD" 2016 93 "2007-03-29 12:00:21.953" "146.164.48.5" "SENT: 530 SMTP authentication is required."
"DEBUG" 2016 "2007-03-29 12:00:21.953" "AWStats::LogDeliveryFailure"
"SMTPD" 2016 93 "2007-03-29 12:00:27.468" "146.164.48.5" "RECEIVED: QUIT"
"DEBUG" 2016 "2007-03-29 12:00:27.468" "PersistentMessage::DeleteFile()"
"DEBUG" 2016 "2007-03-29 12:00:27.468" "PersistentMessage::~DeleteFile() - E3"
"SMTPD" 2016 93 "2007-03-29 12:00:27.468" "146.164.48.5" "SENT: 221 goodbye"
"TCPIP" 2024 "2007-03-29 12:00:27.468" "Disconnecting socket 1208 for session 93"
"DEBUG" 2016 "2007-03-29 12:00:27.468" "Socket::~Socket(ID: 93)"
"DEBUG" 1920 "2007-03-29 12:01:37.921" "GreyListCleanerTask::DoWork()"
"DEBUG" 1920 "2007-03-29 12:01:37.921" "TimedoutConnectionRemoverTask::DoWork()"
"DEBUG" 1920 "2007-03-29 12:02:37.921" "GreyListCleanerTask::DoWork()"
"DEBUG" 1920 "2007-03-29 12:04:37.921" "GreyListCleanerTask::DoWork()"
"DEBUG" 1920 "2007-03-29 12:05:37.921" "GreyListCleanerTask::DoWork()"
"DEBUG" 1920 "2007-03-29 12:06:37.921" "TimedoutConnectionRemoverTask::DoWork()"
Last edited by chapyn on 2007-03-30 15:47, edited 1 time in total.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2007-03-29 18:43

Looks to me like the test on http://www.aupads.org/ is broken. If you read the hMailServer log snippet you posted, you see that hMailServer has rejected the RCPT TO command. On the web page, it says that the RCPT TO was successfully. I suspect they have some bug in the script which runs the test..

porcupine
Normal user
Normal user
Posts: 40
Joined: 2007-03-12 09:02

Post by porcupine » 2007-03-30 04:14

the set up is identical to a normal hMailServer installation, except you don't have a domain with mailboxes, you have a domain under Protocols - SMTP - Routes

for security
under IP ranges, set your 'Internet' as follows:-
Allow deliveries from:
all checked except 'External to extternal accounts'

Require Authentication for deliveries:
to local accounts - unchecked
to remote accounts - checked

Now go to Protocols - SMTP - Routes
Add a route:
add the domain and server you want to forward to
Treat as local domain

Now go to Spam protection and turn on Greylisting and DNSBL's

You now have a secure backup MX.

chapyn
New user
New user
Posts: 10
Joined: 2007-03-29 16:42

Post by chapyn » 2007-03-30 15:29

That what I want for an answer!!! i will turn on Greylisting and DNSBL's.

Thanks alot
porcupine wrote:the set up is identical to a normal hMailServer installation, except you don't have a domain with mailboxes, you have a domain under Protocols - SMTP - Routes

for security
under IP ranges, set your 'Internet' as follows:-
Allow deliveries from:
all checked except 'External to extternal accounts'

Require Authentication for deliveries:
to local accounts - unchecked
to remote accounts - checked

Now go to Protocols - SMTP - Routes
Add a route:
add the domain and server you want to forward to
Treat as local domain

Now go to Spam protection and turn on Greylisting and DNSBL's :D

You now have a secure backup MX.

chapyn
New user
New user
Posts: 10
Joined: 2007-03-29 16:42

Post by chapyn » 2007-04-01 23:23

Hi I just active the GreyListing and DNSBL.
Now my Backup MX doesn't accept email...
SENT : 451 Please try again later.
When i desactivate Greylisting everything is working fine...
How i can setup the the GreyListing right?

thanks
porcupine wrote:the set up is identical to a normal hMailServer installation, except you don't have a domain with mailboxes, you have a domain under Protocols - SMTP - Routes

for security
under IP ranges, set your 'Internet' as follows:-
Allow deliveries from:
all checked except 'External to extternal accounts'

Require Authentication for deliveries:
to local accounts - unchecked
to remote accounts - checked

Now go to Protocols - SMTP - Routes
Add a route:
add the domain and server you want to forward to
Treat as local domain

Now go to Spam protection and turn on Greylisting and DNSBL's

You now have a secure backup MX.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-04-02 01:26


Post Reply