Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

possible open relaying?

Discussion in 'E-mail Discussion' started by dev.null, Aug 27, 2007.

  1. dev.null

    dev.null Well-Known Member

    Joined:
    May 27, 2003
    Messages:
    84
    Likes Received:
    2
    Trophy Points:
    158
    I'm an exim novice and know just enough to be dangerous. I may have shot myself in the foot w/ my exim.conf by recently adding whitelist capability and would appreciate any help in diagnosing this relay problem. I don't want to be an open relay but can't seem to figure out where the relay is being permitted.

    exim -bpc yields lines like this:

    llpwdigitalportfolio.com isn't hosted on my box, so this isn't email sent to a local address. The from address of <> is immediately suspicious because it should be filled in, and I'd expect it to be an account on my box.

    I decide to take a look in the exim log to see where this email would have come from:

    It appears this email is actually the result of another email: 1IPhmU-00020M-IE, so I look in the log to see where it came from:

    So it looks like I receive an email (1IPhmU-00020M-IE) that is bound for a valid address on this box (listowner-contributors@beginthread.com), and somehow this email is then split into another email going to sales@llpw....

    My question is how is it that exim is being tricked into relaying like this?

    related files to follow in next posts (10,000 char limit to post).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. dev.null

    dev.null Well-Known Member

    Joined:
    May 27, 2003
    Messages:
    84
    Likes Received:
    2
    Trophy Points:
    158
    exim.conf is attached (dos and unix versions included for your viewing pleasure).

    and here's the whitelist file:

    root@vhost1 [/etc]# cat exim.whitelist
    *.nuvio.com
    *.nuvio.net
     

    Attached Files:

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice