[Techtalk] Qmail urgent!

Kai MacTane kmactane at GothPunk.com
Mon Dec 3 12:21:08 EST 2001 

At 12/3/01 06:16 AM , Marcia Corrente wrote:
>      I'm in real trouble with qmail's configuration...
>I think this shouldn't be hard to do, but since I'm a
>newbie to qmail, I couldn't ('till now) find the way
>to block other servers than mine to send messages
>trought my qmail server. People are using my server to
>send spam all over the net and my server is already
>blocked at various anti-spam services... I need help!!

Set up the file /var/qmail/control/rcpthosts. It should contain a list of 
all hosts you want Qmail to accept mail for, one per line. If you want to 
receive mail for an entire domain (i.e., all hosts in foo.tld, ranging from 
a.foo.tld to z.foo.tld), then you can simply use a line that says 
".foo.tld" (note the leading period).

This will cause Qmail not to accept any mail that isn't destined for the 
domains you host, which will keep spammers from relaying through your server.

Next, you need to allow your own users to legitimately relay through your 
mail server. This is the part where you should go and read the stuff on 
selective relaying, as provided by Brian Sweeney. Comments on that follow.

At 12/3/01 09:33 AM , Brian Sweeney wrote:

>It depends on what you define as "hard to do" ;).  Selective relaying with 
>qmail is (IMHO) a little tricky; you have to use the tcpserver package.

Which is the recommended way to set up qmail-smtpd anyway, so that 
shouldn't be much of a problem. Of course, the syntax is totally unlike 
Sendmail, which can be very confusing for an experienced Sendmail admin 
trying to run Qmail...

>The reason for this, if I remember right, is that qmail itself doesn't 
>really handle selective relaying; it either relays or doesn't.

That's not actually true; it relays from a given IP or it doesn't, but 
that's the case with *any* system that's doing selective relaying, whether 
it be Qmail, Sendmail, Postfix, Exim, of Jimmy-Joe-Bob's Homebrewed MTA.

I think the confusing part is that, with most selective relaying setups for 
Qmail, the list of standard rcpthosts is in /var/qmail/control/rcpthosts 
(which makes total sense), but the list of relaying-allowed IPs is 
(usually) somewhere else, such as /etc/smtp/smtp.filter.* or what-have-you.

>One thing I loved about qmail though; I found the documentation to be 
>REALLY helpful.  They explain much better than I do.  Check out the 
>following link to just get your problem resolved ASAP:
>
>http://www.palomine.net/qmail/selectiverelay.html
>
>Also, though, if you haven't, look through Life with Qmail 
>(http://www.lifewithqmail.org/).  It's the documentation for qmail. Their 
>section on relaying (http://www.lifewithqmail.org/lwq.html#relaying) would 
>also help some, but the one mentioned above is more complete.

I'd just like to back up your mention of these URLs; they're both excellent 
resources. (I wish Dave Sill's LWQ had been around when I was learning Qmail!)

                                                 --Kai MacTane
----------------------------------------------------------------------
"Wind in wings,/Two angels falling
  To die like this/With a last kiss..."
                                                 --Siouxsie and the
                                                   Banshees,
                                                  "Face to Face"

More information about the Techtalk mailing list