[nos-bbs] SMTP gateway
Lakenet
n0mr at lakenet.com
Mon Jul 28 18:49:05 EDT 2014
Thanks for the comments. Bob, before your message, I tried smtp trace 5 and got a nice trace. I found an e-mail to a gmail address first tried a gmail address and failed. Then it found a mail server from an ISP that is a parent to my ISP and it accepted the mail. I’ll pursue Michael’s suggestion of a dedicated mail server at my location or in the area so I can be certain of where mail is handled.
Jerry, N0MR
From: Boudewijn (Bob) Tenty
Sent: Monday, July 28, 2014 4:29 PM
To: TAPR xNOS Mailing List
Subject: Re: [nos-bbs] SMTP gateway
>From the jnos manual...
smtp trace [<value>]
Displays or sets the trace flag in the SMTP client, allowing you to watch SMTP's
conversations as it delivers mail. Zero (the default) disables tracing. A trace
value of 1 just enables the "new mail for n5knx from mailto:k5arh at w5ddl.ampr.org".
Larger values produce more voluminous trace output.
73,
Bob VE3TOK
On 14-07-28 01:53 PM, Lakenet wrote:
Michael,
Thank you for the note. I failed to mention that my Linux JNOS machine is located behind a Netscreen NS5GT firewall that blocks all but trusted incoming mail on port 25. That blocks the thousands of spam mails that would otherwise come in daily. Is there any trace or other parameter that I can set in JNOS to monitor outgoing SMTP traffic so I can see how and where outgoing SMTP traffic is going? I'm not a network person so I learn by lots of reading and trial and error. I will look into a mail server that I can run on the Linux machine and I have a couple of mentors that can help.
Jerry, N0MR
-----Original Message----- From: Michael E Fox - N6MEF
Sent: Monday, July 28, 2014 12:13 PM
To: 'TAPR xNOS Mailing List'
Subject: Re: [nos-bbs] SMTP gateway
JNOS already uses SMTP so it doesn't require a gateway. But ...
-- The SMTP code in JNOS is very old and I've seen it do a couple things
(like pipelining when that option has not been negotiated) that aren't quite
correct by today's standards
-- The SMTP code in JNOS has no security mechanisms
So, if you are sending SMTP messages to or receiving SMTP messages from any
other machine that you don't trust 100% (this includes anything on the
Internet and probably the rest of 44-net) then you should configure 'smtp
gateway' to the address of a mail server you do trust.
For example, here is one way to do it: Each of the linux machines that runs
JNOS in our network is also running a mail server. JNOS is configured with
'smtp gateway' set to the linux IP address. The linux mail server
configuration performs a dozen or more security checks on incoming mail
connections from other machines, including: DNS lookups, blacklist lookups,
relay lookups, network-based lookups, spam detection, virus scanning, and
more. It also performs some outbound checks to make sure JNOS has not be
compromised. If your mail server is exposed to the Internet and you monitor
the mail logs on such a machine, you'll find that it will be hit with relay
or spam or virus attempts multiple times per hour. But the gateway rejects
all of that (hopefully!), protecting the JNOS system.
Some home/SOHO routers may have something simple built into their software
which lets them protect you from some attacks. Consult you're router's
documentation for details. Perhaps Google or Yahoo or others provide a free
service. Postini (now part of Google, ugh!) and others provide paid
services. For details on how to set up your own, more comprehensive
solution, consult the documentation for your preferred mail server software:
sendmail, postfix, exim, ...
Finally, the JNOS release notes provide some details about extra 'smtp
gateway' options that were added a few versions ago.
Michael
N6MEF
-----Original Message-----
From: nos-bbs-bounces at tapr.org [mailto:nos-bbs-bounces at tapr.org] On Behalf
Of Lakenet
Sent: Monday, July 28, 2014 9:12 AM
To: TAPR xNOS Mailing List
Subject: [nos-bbs] SMTP gateway
I have always set SMTP gateway to none not knowing how to use that gateway.
Recently I read a reflector post that the gateway should be set to the
address of the home router I assume to route unroutable mail out into the
internet. I understand that any packet mail with no route to deliver would
go to the SMTP queue. So I entered a gmail address from within JNOS for a
test and the mail did get to the recipient. I did not see anything on the
monitor. How does this operation run? Does ampernet have some type of mail
handler? Does anyone know if there is something written to explain this
operation or can someone type me a simple explanation.
Thank you,
Jerry, N0MR
_______________________________________________
nos-bbs mailing list
nos-bbs at tapr.org
http://www.tapr.org/mailman/listinfo/nos-bbs
_______________________________________________
nos-bbs mailing list
nos-bbs at tapr.org
http://www.tapr.org/mailman/listinfo/nos-bbs
--------------------------------------------------------------------------------
_______________________________________________
nos-bbs mailing list
nos-bbs at tapr.org
http://www.tapr.org/mailman/listinfo/nos-bbs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/nos-bbs_lists.tapr.org/attachments/20140728/2a64b19f/attachment.html>
More information about the nos-bbs
mailing list