-----------------------------------------------------------
Note: it was a false alarm - if you have no time
to read through - just ignore this thread. Thanks
-----------------------------------------------------------
Well, I happen to be a "victim of this assault" =)
Just another proof that you should never ever do
anything important when you are tired, stressed,
overworked (or under influence). Yesterday I was
busy tackling two other problems when client called
up complaining that all mails he sent are bouncing
with 553. I have connected to our server, opened
exim log and found some entries like that:
[email protected] <
[email protected]>
aha (thinking 2 myself) we are in troubles (not
even boothering to check <= vs =>) - bad guys
used us as relay and we got on the list.
So I run few relay tests against ultima.co.th
and got:
(excerpt)
To: spammer%
[email protected]
From:
[email protected]
<<< 250 Reset OK
>>>> MAIL FROM:
<<< 250 is syntactically correct
>>>> RCPT TO:
<<< 250 is syntactically correct
>>>> DATA
<<< 354 Enter message, ending with "." on a line by itself
>>>> MESSAGE
<<< 250 OK id=19iYnE-00073t-00
SUCCESS
Relay Accepted - final response code 250
If you dont recieve it then its not a relay (Its still a Bad Thing (TM) that it accepted)
Check your email
(mind last three lines - I didn't)
Ouch, we r fsckd -what to do ? OK, SMTP AUTH
will be the best (at least no mess with client's
authentication). So, I picked latest Exim, and
cyrus-sasl for pwcheck, compiled, installed, and
started hacking up the new config file for exim,
but it was a hard day, so I have fallen asleep.
Next day I got friendly message from Robert
asking for details (I reported it the previous
day). So, I sat to collect "the evidence", opened
logfiles and started reading. Guess, that is what
I should have done the day before - logs were
clean.
Thanks to Robert and DA Support for prompt
response. I am glad that I have followed advice
from Robert any gave a try to DA. Even with
some shortcomings of a fresh product this is
the best CP out of four - I have tried so far.
One last question - I still can't figure what
is causing that this single user can not sent
anything, and is being dismissed by Exim with
relaying denied. What should I check ?
<domu>