Mailing List CGatePro@mail.stalker.com Message #92824
From: Bret Miller <bret.miller@wcg.org>
Subject: RE: CGate accepting messages it shoudn't
Date: Wed, 03 Oct 2007 08:47:17 -0700
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: CommuniGate Pro MAPI Connector 1.2.12/1.2.12(local)
> We've got a couple of domain name that we do host the
> website, but that
> don't have any mail at all. Previously, our "default" dns
> zone setup was to
> point the MX to our server. That caused un-nessary spam to be
> accepted by
> our server.
>
> I've modified the zones of those domains to remove the MX
> entries. There's
> still an A record for domain.com that point the the
> webserver, wich has no
> SMTP open and is blocked by the firewall.
>
> Now when a mail comes in destinated to one of these domain,
> the ROUTER
> accepts it since the A record is part of our LAN Ips (I
> suppose). And next
> tries to deliver it to our webserver, which of course doesn't work.
>
> Next, cgate generate a delivery report which sits in our
> queue since the
> sender isn't a real one.
>
> I've got the "Relay to client ip addresses" set to "simple
> email". I beleive
> it's because of that. If I set this to NO, what would be the impact ?

You only need this enabled if your server must accept email for other client servers and relay that email to them. If you do need the setting enabled, you could add router entries for those domains to either reject the email if no email is required to be sent ever or route it to the official MX without the relay parameter so that you don't end up an open relay for those domains.

Bret



Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster