[Greylist-users] Mail delivery is not using an smtp-like mailer. Skipping checks

Dennis Wynne DWYNNE at equinoxis.com
Tue Jun 6 08:01:00 PDT 2006


We started getting several more spam messages through relaydelay than 
normal. These all seem to have the recipient spoofed as the sender 
(mail_from = rcpt_to).  I noted the message

"Mail delivery is not using an smtp-like mailer.  Skipping checks"

in the relaydelay.log. In my case, the relaydelay box sits in front of our 
real mail server. The relay box passes any mail that passes the delay or 
whitelist on to the real mail server. All outbound mail is handled by the 
real server, not by the relay box.

Sounds like the spammers got around the delay by pretending to be "us"?  It 
works in my case because I have it set up to be a relay, and also use an odd 
port (and service name) to pass the mail off on that odd port.  The spammers 
are sending the mail IN via the odd port, which made it bypass the checks - 
I think.

Looking at the greylist/relaydelay FAQ I see this:

"Q. I've customized my sendmail to use special mailers in certain cases.
   But any mail received by these mailers are bypassing the checks with
   this message: "Mail delivery is not using an smtp-like mailer.  Skipping
   checks."

A. If you are using customized (or custom named) mailers in your sendmail
   config, then you probably want to set $force_all_mailer_checks, or those
   mailers will be considered "special" and will bypass the greylisting
   checks.  By default, only mail received with the "*smtp"  and "local"
   mailers is checked.

   If you have some custom mailers that need to be checked and some custom
   mailers that shouldn't be checked, then you will need to modify the milter
   source to include the names of these special mailers in the checks.
   Just add the name of your mailer to the checks on $mail_mailer."


So in the script here, I just turned on the force:


# Set this if you want to check mail that would be handled by ALL
#   sendmail's defined mailers, rather than just the smtp and esmtp mailers.
# If you have custom mailers defined that handle smtp traffic, you will
#   probably want to enable this.  If you have special non-smtp mailers
# you may want to disable this.  Default is disabled.
my $force_all_mailer_checks = 1;


Does this look like the "right" way to fix this?  I could edit the source at 
the mail_mailer checks, I guess.  Any downside to turning the force on?  The 
only boxes that SHOULD be connecting to the relaydelay box SHOULD be running 
an SMTP mailer.

Thanks!
Dennis
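
Added example (not part of the original post and not the relaydelay source): a stand-alone Perl model of the mailer-name gate the FAQ describes, comparing the default, the force-all setting, and an explicit per-mailer list. The function name should_greylist, its options, and the mailer name "relayport" are hypothetical.

```perl
#!/usr/bin/perl
# Added illustration: NOT the relaydelay source. Models the mailer-name gate
# the FAQ describes, to compare the three ways of configuring it.
use strict;
use warnings;

# Decide whether a message routed to $mailer gets the greylist checks.
#   force => 1           : check every mailer (the $force_all_mailer_checks approach)
#   extra => [names ...] : additionally check these custom mailer names
sub should_greylist {
    my ($mailer, %opt) = @_;
    return 1 if $opt{force};
    $mailer = lc($mailer // '');
    # FAQ default: only the "*smtp" mailers and "local" are checked.
    return 1 if $mailer =~ /smtp\z/ || $mailer eq 'local';
    # Per-mailer alternative: explicit list of custom mailers to check.
    return 1 if grep { lc($_) eq $mailer } @{ $opt{extra} || [] };
    return 0;    # anything else is treated as "special" and skips the checks
}

# Constructed mailer names: "relayport" stands in for a custom-named mailer
# that hands mail to an internal server; "procmail" for a non-smtp mailer.
my @mailers = qw(esmtp smtp8 local relayport procmail);
my %modes = (
    'default'       => {},
    'force_all'     => { force => 1 },
    'explicit_list' => { extra => ['relayport'] },
);

for my $mode (sort keys %modes) {
    print "$mode:\n";
    for my $m (@mailers) {
        my $verdict = should_greylist($m, %{ $modes{$mode} }) ? 'checked' : 'SKIPPED';
        printf "  %-10s %s\n", $m, $verdict;
    }
}
```

In this model the default mode skips the custom-named mailer, force_all checks everything including the non-smtp mailer, and explicit_list checks the custom mailer while still skipping the non-smtp one.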






