[nos-bbs] SMTP gateway

Boudewijn (Bob) Tenty bobtenty at gmail.com
Mon Jul 28 17:29:45 EDT 2014 

 From the jnos manual...

smtp trace [<value>]

Displays or sets the trace flag in the SMTP client, allowing you to watch SMTP's
conversations as it delivers mail. Zero (the default) disables tracing. A trace
value of 1 just enables the "new mail for n5knx from <k5arh at w5ddl.ampr.org>".
Larger values produce more voluminous trace output.

73,

Bob VE3TOK

On 14-07-28 01:53 PM, Lakenet wrote:
> Michael,
>
> Thank you for the note. I failed to mention that my Linux JNOS machine 
> is located behind a Netscreen NS5GT firewall that blocks all but 
> trusted incoming mail on port 25. That blocks the thousands of spam 
> mails that would otherwise come in daily. Is there any trace or other 
> parameter that I can set in JNOS to monitor outgoing SMTP traffic so I 
> can see how and where outgoing SMTP traffic is going? I'm not a 
> network person so I learn by lots of reading and trial and error. I 
> will look into a mail server that I can run on the Linux machine and I 
> have a couple of mentors that can help.
>
> Jerry, N0MR
>
> -----Original Message----- From: Michael E Fox - N6MEF
> Sent: Monday, July 28, 2014 12:13 PM
> To: 'TAPR xNOS Mailing List'
> Subject: Re: [nos-bbs] SMTP gateway
>
> JNOS already uses SMTP so it doesn't require a gateway.  But ...
>
> -- The SMTP code in JNOS is very old and I've seen it do a couple things
> (like pipelining when that option has not been negotiated) that aren't 
> quite
> correct by today's standards
> -- The SMTP code in JNOS has no security mechanisms
>
> So, if you are sending SMTP messages to or receiving SMTP messages 
> from any
> other machine that you don't trust 100% (this includes anything on the
> Internet and probably the rest of 44-net) then you should configure 'smtp
> gateway' to the address of a mail server you do trust.
>
> For example, here is one way to do it:  Each of the linux machines 
> that runs
> JNOS in our network is also running a mail server.  JNOS is configured 
> with
> 'smtp gateway' set to the linux IP address.   The linux mail server
> configuration performs a dozen or more security checks on incoming mail
> connections from other machines, including:  DNS lookups, blacklist 
> lookups,
> relay lookups, network-based lookups, spam detection, virus scanning, and
> more.  It also performs some outbound checks to make sure JNOS has not be
> compromised.  If your mail server is exposed to the Internet and you 
> monitor
> the mail logs on such a machine, you'll find that it will be hit with 
> relay
> or spam or virus attempts multiple times per hour.  But the gateway 
> rejects
> all of that (hopefully!), protecting the JNOS system.
>
> Some home/SOHO routers may have something simple built into their 
> software
> which lets them protect you from some attacks.  Consult you're router's
> documentation for details.  Perhaps Google or Yahoo or others provide 
> a free
> service.  Postini (now part of Google, ugh!) and others provide paid
> services.  For details on how to set up your own, more comprehensive
> solution, consult the documentation for your preferred mail server 
> software:
> sendmail, postfix, exim, ...
>
> Finally, the JNOS release notes provide some details about extra 'smtp
> gateway' options that were added a few versions ago.
>
> Michael
> N6MEF
>
>
> -----Original Message-----
> From: nos-bbs-bounces at tapr.org [mailto:nos-bbs-bounces at tapr.org] On 
> Behalf
> Of Lakenet
> Sent: Monday, July 28, 2014 9:12 AM
> To: TAPR xNOS Mailing List
> Subject: [nos-bbs] SMTP gateway
>
> I have always set SMTP gateway to none not knowing how to use that 
> gateway.
> Recently I read a reflector post that the gateway should be set to the
> address of the home router I assume to route unroutable mail out into the
> internet. I understand that any packet mail with no route to deliver 
> would
> go to the SMTP queue. So I entered a gmail address from within JNOS for a
> test and the mail did get to the recipient. I did not see anything on the
> monitor. How does this operation run? Does ampernet have some type of 
> mail
> handler? Does anyone know if there is something written to explain this
> operation or can someone type me a simple explanation.
>
> Thank you,
>
> Jerry, N0MR
>
>
> _______________________________________________
> nos-bbs mailing list
> nos-bbs at tapr.org
> http://www.tapr.org/mailman/listinfo/nos-bbs
>
> _______________________________________________
> nos-bbs mailing list
> nos-bbs at tapr.org
> http://www.tapr.org/mailman/listinfo/nos-bbs

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/nos-bbs_lists.tapr.org/attachments/20140728/4f62eb3b/attachment.html>

More information about the nos-bbs mailing list