Question
I have set my relay configuration to the default "Disallow relay, all RCPT clauses must be local" but I am still being blacklisted as an open relay. My GMS installation is located behind an SMTP PRoxy Server. Could that be the problem?
Answer
The SMTP Proxy Server, especially if installed on the same machine as GMS, may cause all connections to GMS to appear to come from a trusted IP Address as defined under LocalIP. By default local (or trusted) IP addresses are allowed to relay. The solution is as follows:
- Set up your SMTP Proxy Server so that it does not reeside on a trusted IP address. This means that anti-spam checks such as reverse lookups can be successfully carried out. You will need to consult your SMTP Proxy Server documentation to find out how this is done.
- Remove the IP address of your SMTP Proxy Server from the Security > LocalIP page in the GMS interface. This would mean that GMS sees the IP address as being external and therefore not allowed to relay email.
If the SMTP Proxy server is installed on the same machine as GMS you may need to make use of the IP Flexibility options within GMS so that GMS does not consider the IP address that the Proxy runs on as being local.
Note: By default, Gordano software is configured to prevent relay of email. The reason that your system was vulnerable to attack was the addition of the SMTP Proxy Server on a trusted IP Address.
See Also:
- How do I prevent Gordano Products acting as an open relay?
- How can NAT make me an open relay?
- Will using the LocalIP range prevent relay?
- How do I allow external users to relay mail through my server?
Keywords:SMTP Proxy Server Open relay