Just noticed something. This feature was blokcing relaying users
from sending e-mail in my dial-up pool. Apparently, the mail client
being used is Outlook and Outlook Express.

Any work around available?
--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Beware Linux the Microsoft of Unixes!!

In comp.mail.sendmail The Doctor <doctor@doctor.nl2k.ab.ca>:
> Just noticed something. This feature was blokcing relaying users
> from sending e-mail in my dial-up pool. Apparently, the mail client
> being used is Outlook and Outlook Express.

> Any work around available?

Simply use a real MUA instead of Outcrap, problem solved.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 443: Zombie processes detected, machine is haunted.

Michael Heiming wrote:
> Simply use a real MUA instead of Outcrap, problem solved.

Unfortunately, those in the providership business can not dictate to
clients what MUAs to use. If we start saying you can only use this MUA
or that MUA, we find our selves with less clients.



Grant. . . .

doctor@doctor.nl2k.ab.ca (The Doctor) writes:

> Just noticed something. This feature was blokcing relaying users
> from sending e-mail in my dial-up pool. Apparently, the mail client
> being used is Outlook and Outlook Express.
>
> Any work around available?

A) It seems to be skipped for authenticated users.
Have you considered using SMTP AUTH?

Anyway requiring SMTP AUTH may stop some viral spam-ware.

B) It seems that other solution would require patching cf/m4/proto.m4
e.g. excluding some nets from some helo checks

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
http://anfi.homeunix.net/sendmail/ [orkut,linkedin,xing]

In article <mailman.147.1170430195.28999.comp.mail.sendmail@m aillists.riverviewtech.net>,
Grant Taylor <comp.mail.sendmail@maillists.riverviewtech.net> wrote:
>Michael Heiming wrote:
>> Simply use a real MUA instead of Outcrap, problem solved.
>
>Unfortunately, those in the providership business can not dictate to
>clients what MUAs to use. If we start saying you can only use this MUA
>or that MUA, we find our selves with less clients.
>
>
>
>Grant. . . .
>

I suggest an easy workaround would be tthe block_bad_helo ignores
all our RELAY approved /etc/mail/access and that can solve that issue.

Outlook Lookout is simply a such MUA, still we have to entertain Microjunk.
--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Beware Linux the Microsoft of Unixes!!

In article <87d54so7n9.fsf@anfi.homeunix.net>,
Andrzej Adam Filip <anfi@onet.eu> wrote:
>doctor@doctor.nl2k.ab.ca (The Doctor) writes:
>
>> Just noticed something. This feature was blokcing relaying users
>> from sending e-mail in my dial-up pool. Apparently, the mail client
>> being used is Outlook and Outlook Express.
>>
>> Any work around available?
>
>A) It seems to be skipped for authenticated users.
> Have you considered using SMTP AUTH?
>
> Anyway requiring SMTP AUTH may stop some viral spam-ware.
>
>B) It seems that other solution would require patching cf/m4/proto.m4
> e.g. excluding some nets from some helo checks
>

What about telling black_bad_helo to ignore all listed RELAYs in
/etc/mail/access .

BTW, I am using SMTP AUTH on the mail servers.
--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Beware Linux the Microsoft of Unixes!!

The Doctor wrote:
> What about telling black_bad_helo to ignore all listed RELAYs in
> /etc/mail/access .

I would be very surprised if this could not be done, though I don't know
how to do it.

> BTW, I am using SMTP AUTH on the mail servers.

I'd be more interested in configuring the MSA port to not check the HELO
/ EHLO line and have all clients use the MSA port to send email verses
the MTA port.



Grant. . . .

doctor@doctor.nl2k.ab.ca (The Doctor) writes:

> In article <87d54so7n9.fsf@anfi.homeunix.net>,
> Andrzej Adam Filip <anfi@onet.eu> wrote:
>>doctor@doctor.nl2k.ab.ca (The Doctor) writes:
>>
>>> Just noticed something. This feature was blokcing relaying users
>>> from sending e-mail in my dial-up pool. Apparently, the mail client
>>> being used is Outlook and Outlook Express.
>>>
>>> Any work around available?
>>
>>A) It seems to be skipped for authenticated users.
>> Have you considered using SMTP AUTH?
>>
>> Anyway requiring SMTP AUTH may stop some viral spam-ware.
>>
>>B) It seems that other solution would require patching cf/m4/proto.m4
>> e.g. excluding some nets from some helo checks
>>
>
> What about telling black_bad_helo to ignore all listed RELAYs in
> /etc/mail/access .

Much simpler would be to add skipping the check for IP addresses with
reverse DNS name in "your domain" (IP0->PTR->name->A->IP0)

> BTW, I am using SMTP AUTH on the mail servers.

Are you *sure* that rejected messages have been sent over authenticated
connection?

ifdef(`_BLOCK_BAD_HELO_', `dnl
[...] skip if auth

The check is also skipped for IP adresses with (octet boundary) prefix
listed in $=R.

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
http://anfi.homeunix.net/sendmail/ [orkut,linkedin,xing]

Grant Taylor <gtaylor@riverviewtech.net> writes:

> The Doctor wrote:
>> What about telling black_bad_helo to ignore all listed RELAYs in
>> /etc/mail/access .
>
> I would be very surprised if this could not be done, though I don't
> know how to do it.
>
>> BTW, I am using SMTP AUTH on the mail servers.
>
> I'd be more interested in configuring the MSA port to not check the
> HELO / EHLO line and have all clients use the MSA port to send email
> verses the MTA port.

It is not a bad idea to configure MSA port to *require* SMTP AUTH.
As far as I can seen hello check is skipped for authenticated messages.

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
http://anfi.homeunix.net/sendmail/ [orkut,linkedin,xing]

Andrzej Adam Filip wrote:
> It is not a bad idea to configure MSA port to *require* SMTP AUTH.
> As far as I can seen hello check is skipped for authenticated messages.

I may be wrong, but I thought you were suppose to use AuthSMTP on the
MSA port. I agree 100% that you SHOULD use AuthSMTP on the MSA port.



Grant. . . .

On Fri, 2 Feb 2007, The Doctor wrote:

> Just noticed something. This feature was blokcing relaying users
> from sending e-mail in my dial-up pool. Apparently, the mail client
> being used is Outlook and Outlook Express.
>
> Any work around available?
>

Enter your IP ranges in /etc/mail/relay-domains

203.233.225
203.233.224
203.233.223
124.6

etc etc you get the picture

This will allow you to bypass the bad_helo test

I bug'd this in the last beta but obviously too late for it to be actioned
before stable


--
Cheers
Res

"We can be Heroes, just for one day" - Davey (Jones) Bowie