Qmail에서 vpopmaill과 연동하여 사용할 경우open relay를 거부 하는 방법입니다.
기본적으로 vpopmail은 tcp.smtpd 파일에 로컬 호스트만 릴레이가 가능하도록 설정 되어 있습니다.
[root@yongbok ~]# cat /usr/local/vpopmail/etc/tcp.smtp
127.:allow,RELAYCLIENT=””
위와 같이 설정 되어 있어도 릴레이가 되는 경우가 있는데.. 이때는 Patch를 적용하여 거부 시키면 됩니다.
Qmail을 컴파일시 Patch를 적용하여 설치 합니다.
[root@yongbok ~]# cd /tmp
[root@yongbok ~]# wget http://qmail.yongbok.net/qmail-1.03.tar.gz
[root@yongbok ~]# tar xzvf qmail-1.03.tar.gz
[root@yongbok ~]# cd qmail-1.03
[root@yongbok ~]# wget http://qmail.yongbok.net/qmail-smtpd-relay-reject
[root@yongbok ~]# patch -p0 < qmail-smtpd-relay-reject
Hmm… Looks like a unified diff to me…
The text leading up to this was:
————————–
|— orig/qmail-smtpd.c Mon Jun 15 06:53:16 1998
|+++ qmail-smtpd.c Sat Feb 9 12:07:19 2002
————————–
Patching file qmail-smtpd.c using Plan A…
Hunk #1 succeeded at 53.
Hunk #2 succeeded at 217.
Hunk #3 succeeded at 266.
Hmm… Ignoring the trailing garbage.
done
[root@yongbok ~]# make ; make setup check ; ./config
– FreeBSD 사용자는 ports에 넣어 바로 Patch 할수 있습니다.
[root@yongbok ~]# cd /usr/ports/mail/qmail/files
[root@yongbok ~]# wget http://qmail.yongbok.net/qmail-smtpd-relay-reject
[root@yongbok ~]# mv qmail-smtpd-relay-reject patch-smtpd-relay-reject
[root@yongbok ~]# cd ../ ; make install clean
open relay를 검사 해봅니다.
19번의 relay 테스트를 통해 확인 하면 됩니다.
Mail Relay testing.
Connecting to yongbok.net for test …<<< 220 yongbok.net ESMTP
>>> HELO h.rbl.jp
<<< 250 yongbok.net
Relay test 0>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@h.rbl.jp>
<<< 250 ok
>>> RCPT TO: <rlytest@rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 1>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 2>>> RSET
<<< 250 flushed
>>> MAIL FROM: <>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 3>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 4>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@[183.102.80.33]>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 5>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <rlytest%h.rbl.jp@yongbok.net>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 6>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <rlytest%h.rbl.jp@[183.102.80.33]>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 7>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <“rlytest@h.rbl.jp”>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 8>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <“rlytest%h.rbl.jp”>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 9>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp@yongbok.net>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 10>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <“rlytest@h.rbl.jp”@yongbok.net>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 11>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <“rlytest@h.rbl.jp”@[183.102.80.33]>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 12>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <@yongbok.net:rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 13>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <@[183.102.80.33]:rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Relay test 14>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <h.rbl.jp!rlytest>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 15>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <h.rbl.jp!rlytest@yongbok.net>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 16>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@yongbok.net>
<<< 250 ok
>>> RCPT TO: <h.rbl.jp!rlytest@[183.102.80.33]>
<<< 553 we don’t relay (#5.7.1)
relay NOT accepted!!
Relay test 17>>> RSET
<<< 250 flushed
Skipped
Relay test 18>>> RSET
<<< 250 flushed
Skipped
Relay test 19>>> RSET
<<< 250 flushed
>>> MAIL FROM: <rlychk@localhost>
<<< 250 ok
>>> RCPT TO: <rlytest@h.rbl.jp>
<<< 553 sorry, that domain isn’t in my list of allowed rcpthosts (#5.7.1)
relay NOT accepted!!
Closing connection …>>> QUIT
<<< 221 yongbok.net
Relay test resultAll tests performed, no relays accepted.
Thanks 😀