Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 27th December 2010, 18:21
MGStudioWEB MGStudioWEB is offline
Member
 
Join Date: Jan 2010
Posts: 30
Thanks: 0
Thanked 0 Times in 0 Posts
Default Open relay? Nonlocal recips but not originating

Hi all,

I've following this tutorial for install Amavisd-new, ClamAV and SpamAssassin:
http://wiki.centos.org/HowTos/Amavisd

LogWatch report many lines like this:

**Unmatched Entries**
Open relay? Nonlocal recips but not originating: ***@***
....

What does this mean?

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 28th December 2010, 23:11
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

You can test here if your server is an open relay: http://www.spamhelp.org/shopenrelay/
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 29th December 2010, 11:37
MGStudioWEB MGStudioWEB is offline
Member
 
Join Date: Jan 2010
Posts: 30
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi Falco,

this is the result:

Testing 94.23.68.61 on port 25... Error - could not connect to server

This is the netstat output for smtp port:

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 4293335 21386/master

I've read of a $originating variable that could not be set ... but where?

Thanks
Reply With Quote
  #4  
Old 29th December 2010, 15:50
MGStudioWEB MGStudioWEB is offline
Member
 
Join Date: Jan 2010
Posts: 30
Thanks: 0
Thanked 0 Times in 0 Posts
Default

On a server like this without Amavis this messages are not present...
Reply With Quote
  #5  
Old 30th December 2010, 17:25
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

What are the outputs of
Code:
iptables -L
and
Code:
getenforce
?

Do you host this server on a DSL/Cable line? If so, make sure your ISP doesn't block port 25.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 30th December 2010, 17:37
MGStudioWEB MGStudioWEB is offline
Member
 
Join Date: Jan 2010
Posts: 30
Thanks: 0
Thanked 0 Times in 0 Posts
Default

iptables -L

Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-sasl tcp -- anywhere anywhere tcp dpt:smtp
fail2ban-ModSec tcp -- anywhere anywhere multiport dports http,https
fail2ban-BadBots tcp -- anywhere anywhere multiport dports http,https
fail2ban-courierpop3 tcp -- anywhere anywhere tcp dptop3
fail2ban-IMAP tcp -- anywhere anywhere multiport dports pop3,pop3s,imap,imaps
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:telnet
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dptop3
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:imap
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain fail2ban-BadBots (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-IMAP (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-ModSec (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-courierpop3 (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-sasl (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

getenforce
Enforcing

This's a virtual machine on VMWARE EXSi server (Hosted on OVH), all virtual machine are in bridge mode.

Thanks
Reply With Quote
  #7  
Old 31st December 2010, 14:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by MGStudioWEB View Post
getenforce
Enforcing
Please disable SELinux and try again.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 31st December 2010, 15:32
MGStudioWEB MGStudioWEB is offline
Member
 
Join Date: Jan 2010
Posts: 30
Thanks: 0
Thanked 0 Times in 0 Posts
Default

SELinux disabled but not solved:

[root@ns1 log]# getenforce
Disabled

[root@ns1 log]# tail maillog -f
Dec 31 15:29:03 ns1 amavis[4259]: (04259-03) Open relay? Nonlocal recips but not originating:***
Reply With Quote
  #9  
Old 3rd January 2011, 20:17
MonkeyMan MonkeyMan is offline
Junior Member
 
Join Date: Jan 2011
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

See:
http://groups.google.com/group/maili...a9c522cb291007

Also, update your amavis-logwatch filter.
http://logreporters.sourceforge.net/
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem 100% CPU ispconfig_httpd -DSSL Captain Installation/Configuration 7 8th March 2010 21:50
High on Lenny - Lvm Mount Problem Serverman Technical 1 23rd June 2009 16:26
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! qvindesland Installation/Configuration 22 21st May 2007 16:05
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29
open ports rayit General 6 18th January 2006 14:23


All times are GMT +2. The time now is 13:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.