Re: [cobalt-users] Qube 3 - How to stop spam?
- Subject: Re: [cobalt-users] Qube 3 - How to stop spam?
- From: Parker Morse <morse@xxxxxxxxxxx>
- Date: Mon Nov 12 07:21:00 2001
- Organization: Sinauer Associates, Inc.
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

John Lee asked:
> Has anyone successfully set up a qube 3 so that it is not an open relay?
> Please teach me how.
>
> I enabled the "POP Authenticated Relay" and updated the patches posted
> by Cobalt religiously. But the problems still exist and spammers keep
> using my qube to relay mails.
>
> My ISP is threatening to close my SMTP port if I can't fix this.

John - I'm glad to see it; I've seen a lot of spam coming in through your
TLD (and others). I've been playing with this very problem for a few months
with our Qube3 (though I'm not an open relay, apparently, so I don't have
your urgency.) I'd love to see any other responses you get, since I'm
beginning to think that spam-guarding is a common concern on the Qubes
(especially since mail is more likely to be important on a corporate Qube
than on a hosted RaQ) and I'd like to put together some collected
experience/wisdom on the topic.

Here's what we've picked up so far. If anyone has anything else to add,
PLEASE pitch in.

Close your open relay:

The first thing to do is to look in the GUI. Under "Email Services," click
"email servers," then click the "advanced" tab.

The two sections you're most interested in are "POP Authenticated Relaying"
and "Relay Email From Hosts/Domains/IP Addresses (Optional)".

I suggest NOT having "POP Authenticated Relay" checked. Unless you have
heavy mail use by many users remote from your Qube, it's not necessary.
Instead, put a list of domains/subnets in the "Relay Email From" box, and
make it as short as possible. In our case, we only list our domain and our
subnet (for a subnet with mask 255.255.255.0, leave a 0 at the end of the
IP, like xx.yyy.zz.0 where xx.yyy.zz are the first three octets in your
subnet addresses.) Note: remote users can still GET mail via POP and SEND
mail via webmail. Also, if you've only got three or four remote email users,
you can put their addresses in the list; try to get as narrow an IP range as
you can.

Remember to click "save" at the bottom of the page when you've made the
changes.

This SHOULD stop your open relay. For confirmation, see
<http://www.mail-abuse.org/tsi/ar-test.html> to test if your site is still
relaying; you will need to telnet to relay-test.mail-abuse.org, which will
then test your system for relaying and report on what works (or doesn't
work.)

Hope this helps.

pjm
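
The relay test described in the message above can also be run by hand against your own server. The following is an added example, not part of the original post or of any Cobalt tooling: it offers the server a sender and a recipient that are both outside its domains and reports whether the recipient is refused. It assumes you run it from a machine that is NOT in the "Relay Email From" list, and that the two addresses (supplied by you) are ones you control; the function names and the script name are made up for this example.

```python
import smtplib
import sys

def relay_verdict(mail_code, rcpt_code):
    """Classify the replies to MAIL FROM / RCPT TO when neither address is local."""
    if mail_code // 100 != 2:
        return "closed"          # foreign sender refused outright
    if rcpt_code // 100 == 2:
        return "open"            # foreign recipient accepted: relay not refused
    if rcpt_code // 100 == 4:
        return "inconclusive"    # temporary failure; retry later
    return "closed"              # 5xx, e.g. "550 Relaying denied"

def probe_relay(host, sender, rcpt, port=25, helo="localhost", timeout=10):
    """Run the envelope test against `host`. No DATA command is sent, so no
    mail is queued; the transaction is reset before QUIT."""
    with smtplib.SMTP(host, port, local_hostname=helo, timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()
        mail_code, _ = smtp.mail(sender)
        rcpt_code = 0
        if mail_code // 100 == 2:
            rcpt_code, _ = smtp.rcpt(rcpt)
        smtp.rset()
    return relay_verdict(mail_code, rcpt_code)

if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: relay_check.py <your-mail-host> <outside-sender> <outside-rcpt>")
    verdict = probe_relay(sys.argv[1], sys.argv[2], sys.argv[3])
    print(f"{sys.argv[1]}: relay {verdict}")
    sys.exit(0 if verdict == "closed" else 1)
```

An "open" result means the server did not refuse the recipient at the SMTP envelope stage; some servers accept there and reject later, so follow up an "open" result by checking the mail log or sending a real test message to your own outside address.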