Re: Relaying Denied

[Scott R. <sc...@st...>]

On Friday, 3 March 2006 18:08, Pawel Foremski wrote:
> On Monday 27 February 2006 14:30, Scott Ryan wrote:
> > Hi, I am trying to use the qmail-ldap 20050401a spp patch and have a
> > strange problem in that all mails from the internet are rejected because
> > of relaying denied.  Mail sent from hosts that are allowed to relay work
> > fine.
> >
> > I found the offending piece of code that causes the problem:
> >
> > +    if (spp_val =3D=3D 1) {
> > +     if (!allowed) { err_nogateway(); return; }
> > +       spp_rcpt_accepted();
> > +    }
> >
> > My question is and bear in mind that i am not a c coder... :
> >
> > If mail is received from the internet and the RELAYCLIENT env is
> > obviously not set, then why does this check happen it seems to me that =
it
> > will obviously return as not being allowed to relay.
>
> Have you checked your rcpthosts file? What you're asking about is the
> original Dan Bernstein's code, reformatted to fit into qmail-spp code. The
> proof (original sources):

There is no problem with my rcpthosts or locals file as they have not chang=
ed=20
after adding the spp patch. If I remove the spp patch, I no longer get the=
=20
relaying denied error.

>
> pjf@pjf:~/projects/qmail/qmail-1.03$ nl qmail-smtpd.c | grep -B 2 -A 2
> allowed 46  void err_bmf() { out("553 sorry, your envelope sender is in my
> badmailfrom list (#5.7.1)\r\n"); }
>     47  void err_nogateway() { out("553 sorry, that domain isn't in my li=
st
> of allowed rcpthosts (#5.7.1)\r\n"); }
>     48  void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
>     49  void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
> --
>    185  }
>
>    186  int addrallowed()
>    187  {
>    188    int r;
> --
>    230    }
>    231    else
>    232      if (!addrallowed()) { err_nogateway(); return; }
>    233    if (!stralloc_cats(&rcptto,"T")) die_nomem();
>    234    if (!stralloc_cats(&rcptto,addr.s)) die_nomem();

I know that the function - err_nogateway() - is DJB's code, but I believe t=
hat=20
the spp code mentioned below incorrectly calls it.

if (!allowed) { err_nogateway(); return; }

What is the logic (in non-programmer terms) in the (!allowed) ?
because it seems that everything is not allowed unless a relayclient env is=
=20
set.

>
> > Any way, changed to :
> >
> > +    if (spp_val =3D=3D 1) {
> > +//     if (!allowed) { err_nogateway(); return; }
> > +       spp_rcpt_accepted();
> > +    }
> >
> > And bingo, it works.
>
> Bingo, better check whether you're not an open relay, fast! ;-)

We are not an open relay, You can check if you like ;). By inserting the=20
comments we are now successfully accepting mail for our users and rejecting=
=20
mail based on SPF records.

>
> Bye,

=2D-=20
slr,

ISP Systems Specialist
Telkom Internet
#qmail, #qmail-ldap & #mandriva@ irc.freenode.net

"Windows?? You mean the thirty-two bit extension and graphical shell to a=20
sixteen-bit patch to an eight-bit operating system originally coded for a=20
four-bit microprocessor which was written by a two-bit company that can't=20
stand one bit of competition? Oh, that..." -- Lee Clarke

This message has been made from 100% recycled bits.

=2D---BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT/MU/E d? s+:+ a- C++++>+++++ USL++++$ P++++ !E(---)W+@ !N
o?(--) K? !w(---) O- M+ V PS+@ PE Y-- PGP++>+++ !t(---) !5 !X
R-- !tv b(++) DI++ !D(----) G+++>++++ e++>* h----(*) r+++ y++++
=2D----END GEEK CODE BLOCK------