Jump to content

Archived

This topic is now archived and is closed to further replies.

BCS-E

eset mail security creates open relay ?

Recommended Posts

Hello,

 

We recently installed ESET Mail Security for linux on a Ubuntu bases Zarafa mail server with Postfix.

 

The configuration of postfix is as follows:

 

myhostname = server
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
relayhost = smtp.provider.something
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
message_size_limit = 25600000
virtual_mailbox_domains = domain_1 domain_2
virtual_mailbox_maps = ldap:/etc/postfix/users.cf
virtual_alias_maps = ldap:/etc/postfix/aliases.cf
virtual_transport = tothemailserver
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

 

Mail delivered from outside is passed on to Postfix. If destination is not domain_1 or domain_2 a relaying denied message is generated. Otherwise mail is forwarded to the mailserver

Localhost is secure. Only the Zarafa mail server delivers mail to Postfix. Zarafa has only authenticated access.

 

We then followed the manual on the ESET site "ESET Mail Security & Zarafa 7 infrastucture". Unfortunatelly we followed it to blindly. Smooth installation en configuration. Postfix to port 2525 ESET receiving on 25 and forwarding to 2525.

It was rather quickly up and running and we were quite happy with the results.

 

Until several days later we found out we had created an open relay. By installing ESET MS in front the postfix server all mail delivered to postfix is from localhost and as such secure. > 99,9% of all incoming mail was nicely processed by ESET MS assigned a SPAM label and forwarded by postfix to the provider smarthost !!!

 

In my opinion ESET MS should block non domain oriented mail with a relaying denied message. However ESET is turning to HQ for support and in the meantime we disabled ESET MS.

 

What is the correct way to install ESET Mail Security for Linux .....

 

Thanks for reading.

 

 

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...