[Greylist-users] Mail delivery is not using an smtp-like mailer. Skipping checks
DWYNNE at equinoxis.com
Tue Jun 6 08:01:00 PDT 2006
We started getting several more spam messages through relaydelay than
normal. These all seem to have the recipient spoofed as the sender
(mail_from = rcpt_to). I noted the message
"Mail delivery is not using an smtp-like mailer. Skipping checks"
in the relaydelay.log. In my case, the relaydelay box sits in front of our
real mail server. The relay box passes any mail that passes the delay or
whitelist on to the real mail server. All outbound mail is handled by the
real server, not by the relay box.
Sounds like the spammers got around the delay by pretending to be "us"? It
works in my case because I have it set up to be a relay, and also use an odd
port (and service name) to pass the mail off on that odd port. The spammers
are sending the mail IN via the odd port, which made it bypass the checks.
Looking at the greylist/relaydelay FAQ I see this:
"Q. I've customized my sendmail to use special mailers in certain cases.
But any mail received by these mailers are bypassing the checks with
this message: "Mail delivery is not using an smtp-like mailer. Skipping
A. If you are using customized (or custom named) mailers in your sendmail
config, then you probably want to set $force_all_mailer_checks, or those
mailers will be considered "special" and will bypass the greylisting
checks. By default, only mail received with the "*smtp" and "local"
mailers is checked.
If you have some custom mailers that need to be checked and some custom
mailers that shouldn't be checked, then you will need to modify the
source to include the names of these special mailers in the checks.
Just add the name of your mailer to the checks on $mail_mailer."
So in the script here, I just turned on the force:
# Set this if you want to check mail that would be handled by ALL
# sendmail's defined mailers, rather than just the smtp and esmtp mailers.
# If you have custom mailers defined that handle smtp traffic, you will
# probably want to enable this. If you have special non-smtp mailers
# you may want to disable this. Default is disabled.
my $force_all_mailer_checks = 1;
Does this look like the "right" way to fix this? I could edit the source at
the mail_mailer checks, I guess. Any downside to turning the force on? The
only boxes that SHOULD be connecting to the relaydelay box SHOULD be running
an SMTP mailer.
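
Added example, not part of the original post and not relaydelay's own code: a Perl sketch of the mailer gate the FAQ describes, showing which mailers get greylisted under the default, with $force_all_mailer_checks set, and with one custom mailer named explicitly. The function name, the mailer names "relayodd" and "uucp", and the /smtp\z/ reading of "*smtp" are assumptions.

```perl
#!/usr/bin/perl
# Added illustration, not relaydelay's source. Sketch of the mailer gate the
# FAQ describes: by default only "*smtp" and "local" mailers are greylisted.
use strict;
use warnings;

# Returns 1 if mail arriving via $mail_mailer would be greylist-checked,
# 0 if it would hit "not using an smtp-like mailer. Skipping checks".
# $extra is a hypothetical list of custom mailer names added to the check.
sub mailer_is_checked {
    my ($mail_mailer, $force_all, $extra) = @_;
    return 1 if $force_all;                    # $force_all_mailer_checks = 1
    return 1 if $mail_mailer =~ /smtp\z/i;     # assumed reading of "*smtp"
    return 1 if lc($mail_mailer) eq 'local';
    return 1 if grep { lc($_) eq lc($mail_mailer) } @{ $extra || [] };
    return 0;
}

# Constructed mailer names: "relayodd" stands in for a custom-named mailer
# that carries SMTP on an odd port; "uucp" stands in for a non-SMTP mailer.
my @mailers = qw(esmtp smtp local relayodd uucp);

# Each config is [ force_all flag, extra mailer names to check ].
my %configs = (
    '1 default'           => [0, []],
    '2 force all'         => [1, []],
    '3 named custom only' => [0, ['relayodd']],
);

for my $name (sort keys %configs) {
    my ($force, $extra) = @{ $configs{$name} };
    print "$name:\n";
    for my $m (@mailers) {
        printf "  %-9s %s\n", $m,
            mailer_is_checked($m, $force, $extra) ? 'checked' : 'SKIPPED';
    }
}
```

The third configuration corresponds to the FAQ's "add the name of your mailer to the checks on $mail_mailer" option, which matters only when some non-SMTP mailers must stay exempt, as the comment above $force_all_mailer_checks notes.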