[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] FAQ: email relaying.

Subject: [cobalt-users] FAQ: email relaying.
From: Dom Latter <d.latter@xxxxxxx>
Date: Tue May 2 10:43:17 2000

Seeing as this comes up so often, and I've just delved into the 
subject on behalf of a Qube2 owner I thought I'd get my understanding
of the problem into the archives...

Comments please, particularly from the DNS expert(s)...

"Relaying Denied" = What's Going On?
====================================

Many Cobalt users report problems with mail being refused by the 
appliance, on the grounds that "relaying is denied".

At the heart of a mailserver is a Mail Transport Agent, or MTA.
In the case of Cobalt products, it is a program called Sendmail.
It passes email from one machine (for example your desktop PC)
to another (for example the mailserver of the person you are
writing to).

Many moons ago, when the word "Spam" still referred to a canned meat 
product, mailservers were generally configured to allow mail to be 
passed from any machine to any other machine.

Unfortunately this can be, and is, abused by spammers.  They find 
an "open" machine and then use it to send their spam.  One reason 
is that someone else's machine can do the hard work - they only 
need to send the one email, plus the list of addresses to send it
to, while the victim's machine actually sends, or tries to send,
the email to all of the addresses.

Another side-effect is that it makes it harder to work out where 
the spam is coming from; and the naive user will think that it is
actuall coming from the victim's machine.

Hence, Cobalt products by default do not allow relaying.

(Sometimes you do wish to allow relaying from specific and trusted
domains and / or machines, so there is an "allow relaying from"
box on the Cobalt GUI.)

They do this by checking that one of the machines it is talking to
is "local".

If you get a "relaying denied" error, it is (generally) because your 
desktop machine is not registering as being "local", due to a failure
of reverse DNS.

The fix therefore is to enter the *IP address* of your local machine
or network into the "allow relaying from" box.  Or fix your DNS.

Many users report that by entering the domain name of the intended 
recipient into the "allow relaying from" box, they can send email.
This is because sendmail doesn't really know or care whether email
is incoming or outgoing: so if one of the machines matches the list
of domains or IP addresses in the "allow relaying from" box, the mail
will go through.

In fact, it's a misleadingly named feature.

Follow-Ups:
- Re: [cobalt-users] FAQ: email relaying.
  - From: Mike Vanecek
- Re: [cobalt-users] FAQ: email relaying.
  - From: Jeff Lasman

References:
- [cobalt-users] Telnet ?
  - From: szoller

Prev by Date: RE: [cobalt-users] perl/cgi
Next by Date: RE: [cobalt-users] What are you guys using
Previous by thread: [cobalt-users] Telnet ?
Next by thread: Re: [cobalt-users] FAQ: email relaying.

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index