[nos-bbs] relaying denied
Gustavo Ponza
g.ponza at tin.it
Sat Mar 31 08:55:09 EDT 2018
Hi Maiko,
actually this matter, as per my knowledge was almost
well documented in the past as per the following note:
have you changed something?
9) New SMTP gateway options, the old way just didn't work for alot of
people,
it would first try to deliver direct to a host, then to MX if
enabled, and
finally to an smtp gateway (as a last resort) if you have one
configured.
COMPILE : Make sure '#define SGW_EXCEPTIONS' exists in your config.h
file.
Two (2) new subcommands have been added to the smtp gateway syntax :
smtp ga mode [original|force|first|last]
smtp ga exception add ip mask
smtp ga exception delete ip mask
smtp ga exception (to list)
The original way to define the gateway has not changed :
smtp ga [A.B.C.D | none]
If mode is not configured, then JNOS will function the old way.
The 'force' mode sends ALL smtp requests direct to the gateway,
nothing is sent direct to a host, and no MX records are tried.
The 'first' mode does the same, but allows for exceptions, of
which are configured using the 'smtp ga exception' subcommand.
Exceptions basically follow the old way, BUT the gateway will
not be attempted as a last resort if all else fails.
Why have a 'force' ? Perhaps you are running 'first' with a
list of exceptions, and for some reason you need to force all
traffic to a gateway without having to reconfigure everything.
The 'last' option does not do anything, and 'original' simply
switches back to old way - I doubt anyone will use those two.
Example (this is what I am currently running on my system) :
smtp ga A.B.C.D
smtp t4 60 # 1 minute timeout
smtp ga mode first
# send everything to gateway except 44 stations, they go direct
smtp ga exception add 44.0.0.0 0xff000000
# other exceptions (examples) - you can have as many as you want
smtp ga exception add E.F.G.0 0xffffff00
smtp ga exception add X.Y.Z.Z 0xffffffff
Alot of this functionality actually comes from the 'SMTP Deny Relay
Exceptions' code (SDRE), which I wrote some time ago. I was able to
use the same code for this enhancement (with some restructing).
73 and ciao, gus i0ojj/ir0aab
On 03/30/2018 11:39 PM, Maiko Langelaar wrote:
>
> Oh dear, it would seem that I did not document this at all, it was written
> originally because I got tired of not being able to reply to my emails
> using
> email clients outside my JNOS subnet, from this little note in smtpserv.c :
>
> * 17Sep2008, Maiko (VE4KLM), By default we will deny SMTP relay, however
> * there may be outside subnets that we want to allow for. For example, I
> * use my Thunderbird email client at work to check my JNOS system for new
> * mail. It would be nice if I could reply to those systems outside my
> JNOS
> * box, but the existing SMTP_DENY_RELAY code prevents that. So, this new
> * code allows me to create an SDR exception list (ip/netmask) to allow.
>
> I will need to make sure it's documented, here it is 'now' (very sorry) :
>
> #define SMTP_DENY_RELAY
> #define SDR_EXCEPTION
>
> rm smtpserv.o smtpcli.o version.o ; make
>
> here are a couple of examples to put into autoexec.nos :
>
> smtp relay add 1.2.3.4 0xffffffff
>
> smtp relay add 192.168.100.0 0xffffff00
>
> IF you have a box outside of your JNOS subnet, and you want to be able
> to send mail via JNOS then you need to add entries similar to the above,
> for instance from work, I wanted to be able to read and send to my JNOS
> using thunderbird, completely different network. The top one obviously
> is an entry for a single IP (netmask 255.255.255.255), the one below is
> for any IP on 192.168.100 (old class C I guess) subnet.
>
> Reminds me, years ago I could have sworn the syntax was 255.255.255.0,
> but I find I've had to use hexidecimal instead (maybe I switched to an
> incorrect function parsing this, don't remember), 0xffffff00 instead.
>
> On Tue, 27 Mar 2018, Michael Fox - N6MEF wrote:
>
>> I’m getting “relaying denied” when I send to any address in the cc: list.
>
> Maiko
More information about the nos-bbs
mailing list