Re: [OCLUG-Tech] Nullmailer on Ubuntu 12.04

STARTTLS is an encrypted communication method using TLS - newer than
SSL, but uses the same OpenSSL library.  Basically an encrypted SSL
connection is established between the server and client.  Your MTA
should be firewalled out of connections coming from your public IP
address if there is no SSL/TLS option (close inbound port 25 connections
on the external interface).

Just because you've made it on Spamhaus' radar is no indication things
have changed on your end - the problem could have existed all this time
without being noticed.  Once spammers do notice an open relay, they tend
to stuff it as full and fast as they can.

I've had experience with sendmail (which I do not recommend to people
because its configuration files look like someone banged their head on
a keyboard randomly) and Postfix (which I do recommend).  Between
Postfix and iptables I've never had a problem with running public email
servers.

--
Bill


On 15-05-02 11:27 AM, David Patte ₯ wrote:
> Thanks.
>
> Actually, nullmailer is a message transfer agent, simply forwarding my
> mail to the smtp at my provider. And nullmailer is authenticating with
> my provider using a password. But it is not authenticating using
> STARTTLS.
>
> But I will verify whether others are able to send email through my
> nullmailer.
>
> I'm not exactly sure what starttls is doing, perhaps some form of
> encryption, but it seems that my issue is something new, caused by
> some stricter authentication rules that spamhaus has decided are now
> required, not something I changed on my side. Nullmailer has been
> running for over a year and a half, and this issue just started.
>
> Trouble is that I don't know how I can enable starttls on nullmailer,
> nor how to replace nullmailer by exim, which I believe supports starttls.
>
>
>
> On 2015-05-02 10:30, Bill Strosberg wrote:
>> David:
>>
>> From what Spamhaus is saying it means you have an open relay - allowing
>> systems external to your network the ability to send mail from your
>> server without any authentication.  Basically this means you are
>> accepting connections to use your server as a "sender" of anything
>> without making sure it is an authorized user.
>>
>> You can verify this by trying to send mail from your server using its
>> external IP address on port 25 without a username or password - if it
>> relays your mail it will do so for anyone on the planet.  This is the
>> exact setup hunted by spammers to ply their trade.  You can telnet to
>> port 25 and see exactly what is going on. If you've been used as a
>> spamming source you are also paying for a lot of packets that they are
>> relaying through your server.
>>
>> There are thousands of tutorials on verifying email server setup - just
>> identify which server software you are using (usually sendmail, postfix
>> or exim), and Google "postfix telnet email test send".
>>
>> I haven't used nullmailer (whatever that is); I just invested the time
>> and effort to get to know Postfix well - after about twenty years of
>> fear and loathing of sendmail.  If you are going to run an outbound
>> email server, take the time to get to know the program.
>>
>> -- 
>> Bill
>>   
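
Added example, not part of the thread or written by its participants: a way to read the result of the port 25 test described above once the session has been saved to a file. The "C: "/"S: " transcript layout, the function name and the example.* domains are assumptions, and both sample sessions are constructed.

```python
import re
REPLY = re.compile(r"^(\d{3})([ -])(.*)$")  # code, "-" marks a continuation line

def analyse_session(transcript, local_domains):
    """Analyse a captured SMTP session whose lines start with 'C: ' or 'S: '."""
    out = {"starttls_offered": False, "authenticated": False, "relayed": [], "refused": []}
    last_cmd = ""
    for raw in transcript.strip().splitlines():
        side, _, text = raw.strip().partition(": ")
        if side == "C":
            last_cmd = text
        m = REPLY.match(text) if side == "S" else None
        if not m:
            continue
        code, sep, rest = m.groups()
        verb = last_cmd.upper()
        out["starttls_offered"] |= verb.startswith("EHLO") and rest.upper() == "STARTTLS"
        out["authenticated"] |= code == "235"  # 235 is only sent for a successful AUTH
        addr = re.search(r"<([^>]+)>", last_cmd)
        if sep == "-" or not verb.startswith("RCPT TO") or not addr:
            continue
        rcpt = addr.group(1)
        if rcpt.rpartition("@")[2].lower() in local_domains:
            continue  # accepting mail for a domain we host is not relaying
        if code[0] in "45":
            out["refused"].append(rcpt)
        elif code[0] == "2" and not out["authenticated"]:
            out["relayed"].append(rcpt)  # foreign recipient accepted without AUTH
    return dict(out, open_relay=bool(out["relayed"]))

# Constructed sample sessions (not taken from the thread), greeting line omitted.
OPEN_SESSION = """
C: EHLO probe.example.net
S: 250 mail.example.org
C: MAIL FROM:<test@example.net>
S: 250 2.1.0 Ok
C: RCPT TO:<someone@example.com>
S: 250 2.1.5 Ok
"""
CLOSED_SESSION = """
C: EHLO probe.example.net
S: 250-mail.example.org
S: 250-STARTTLS
S: 250 AUTH PLAIN LOGIN
C: MAIL FROM:<test@example.net>
S: 250 2.1.0 Ok
C: RCPT TO:<someone@example.com>
S: 554 5.7.1 Relay access denied
"""
```

Pass the domains the server legitimately accepts mail for as local_domains; any address listed under "relayed" is a foreign recipient the server accepted without authentication.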