Mailing List SIMS@mail.stalker.com Message #12543
From: Ron Johnson <Ganahee@DakotaRainbow.com>
Subject: Re: 571 We do not relay...
Date: Fri, 14 Feb 2003 06:12:07 -0800
To: <sims>
Hello everyone,

I recently installed and set up SIMS Ver. 1.8b8 on my PowerMac 9500
because, until recently, I was using EIMS Ver. 1.3.1, and it cannot be
secured against 3rd. party relay.  My Partner and I are hosting a couple of
web sites, using NetPresenz 4.1, and we thought it'd be nice to  have a
mail server associated with our domain, DakotaRainbow.com.  Unfortunately,
because our server was hijacked about 4 months ago, we ended up being
blacklisted in at least 4 different places that we know of.  To temporarily
"fix" the problem, we went into the EIMS 1.3.1 relay restrictions, selected
option 2, "Only relay for local domains, or for the following domains," put
in DakotaRainbow.com, and all seemed to be quiet - nothing seemed to be
going out except what *we* wanted going out, although we did several
relay-tests which indicated we still were an "open relay".  I learned from
the EIMS discussion list, that EIMS 1.3.1 was unsecurable, but that Stalker
Internet Mail Server 1.8b8 , in fact, is.  According to the SIMS Guide,
using the "Client Hosts" list &"Relay for clients only" were the ways to
achieve this.  It further states that you can put the IP addresses of your
LAN machines, as well as any other host IPs you trust on this list, and
they are the only ones who can use the server as a mail relay.

Our network consists of 6 machines, (2 PCs & 4 Macs), a LinkSys
10-100T, 8-port,  network switch, and a Cisco-678 ADSL router.  We own one
static IP address, but forward the various ports we need to the individual
machines which are all manually configured, each with their own "internal"
IP address, not known to the outside world.  Since the user manual states
that you can put the IP addresses of the machines on your LAN into the
"Client Hosts" List, I did this, checked the "Relay for clients only"
checkbox and saved the results to the server.  My Partner then did a couple
of different relay tests and we came up clean!  As a result, we have been
removed from the RBL lists, and are being removed from a group of DNSBL
lists!  There is a God!

Since I'm a totally blind Mac user, I use Eudora Light as my eMail
client.  All seems to be working well, except for a slight problem.
Whenever I attempt to forward a message to someone else outside our LAN,
say to my Sister, Folks, whomever, or I attempt a redirect to an outside
address, I get an "Error 571 we do not relay" message.  I have Eudora set
to do "Check On Send" and have the "Immediate Send" checkbox unchecked.
Everything else seems to be configured correctly.  What could be wrong?  I
had an idea; If I were to put our static IP address into the client hosts
list, instead of the internal machine addresses,  would that still keep me
a "closed relay", or would that make me an "open relay" again?  Has anyone
else on here had this problem?  If so, ow did you resolve it?  Is just
having the IP addresses of the LAN machines in the Client Hosts list
sufficient, or do I have to have the "Relay for clients only" checkbox
checked, in order to prevent unauthorized relay?  Would this last work with
just our static IP address in the list and the checkbox checked?

One last thing here before I stop.  Anyone have any good RBL server
names I can put into the RBL servers list?  Also, any IP addresses which
aren't on such lists, but are known offenders, (for the "Blacklist" list,)
would be nice to know, to.  I may be inexperienced as an Admin, but I'm not
stupid! LOL  If anyone wishes to discuss any of these issues off-list, you
are welcome to write me directly!

Thanks for the time & help!!!

Ron Johnson - (AKA Ganahee)
WebMaster: http://www.DakotaRainbow.com


Ron
(AKA Ganahee)

Feel free to write me at: Ganahee@DakotaRainbow.com


"For millions of years, mankind lived, just like the animals.  Then
something happened, which unleashed the power of our imagination.  We
learned to talk."

>From the MD: "The Division Bell"  The track: "Keep Talking"
 


Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster