Very Computer

    I submitted my ip to ORDB for on open relay test, and they told me a had
an open relay. I use Sendmail and Sophos MailMonitor. Mail monitor recieves
the mail at port 25, scans it, and sends it on to Sendmail at port 2525.
Mail monitor has some features with restrict/allow clients, but I'm more
concerned with Sendmail. as far as I know, theres only one file to
allow/disallow relaying and that is /etc/mail/access, and I allow it from
localhost.localdomain , localhost, and 127.0.0.1 only.

    My question is: Is it problem having those things ( localhost, etc. )
open?? Is there another place that I could leave a relay open ( other than
MailMonitor -just focusing on Sendmail right now)? Could there be a iptables
rules issue ( I don't think so.. ) ? ALSO - Is ORDBs known for being 100%
reliable???

                        Thanks -
                                        Drew M

--

_____________________

Drew McBee
Network Technician
Tradesmen International
6830 Cochran Rd.
Solon, OH 44139
1-440-996-3141 direct line
1-440-349-3432 x2141
1-800-573-0850 x2141

www.tradesmeninternational.com

Your problem is probably not with Sendmail. Sendmail will see any email
that comes from MailMonitor as coming from the local loopback (127.0.0.1)
and thus will allow it. While you continue to use MailMonitor to receive
email, I don't think there  is much you can do about this.

You need to look at the configuration of MailMonitor -- it has to reject
the relay attempts because, in your configuration, Sendmail cannot
distinguish between relay attempts and email that originated from inside
your network. Rmemeber that it is trivial to forge the "from" address in a
relay attempt.