Autor Thema: unbekannte Mail  (Gelesen 2213 mal)

Offline leusel

  • Frischling
  • *
  • Beiträge: 28
  • Geschlecht: Männlich
unbekannte Mail
« am: 14.10.03 - 16:21:27 »
Hallo,

habe folgendes Problem.
Wird eine Mail an den Benutzer xy@notes.de geschickt dieser nicht im NAB ist, sollte diese Mail normalerweise zum Absender zurückgeschickt werden.
Bei mir mir am Server versucht er aber diese Mail an den unbekannten Empfänger zurückzuschicken.
Wo könnte ich anfangen zu suchen?

Offline Semeaphoros

  • Gold Platin u.s.w. member:)
  • *****
  • Beiträge: 8.152
  • Geschlecht: Männlich
  • ho semeaphoros - agr.: der Notesträger
    • LIGONET GmbH
Re:unbekannte Mail
« Antwort #1 am: 14.10.03 - 16:48:58 »
Ist das SPAM? Und ist vielleicht der Absender und der Empfänger gleich gesetzt? Untersuche mal das Feld "From"
Jens-B. Augustiny

Beratung und Unterstützung für Notes und Domino Infrastruktur und Anwendungen

Homepage: http://www.ligonet.ch

IBM Certified Advanced Application Developer - Lotus Notes and Domino 7 und 6
IBM Certified Advanced System Administrator - Lotus Notes and Domino 7 und 6

Offline leusel

  • Frischling
  • *
  • Beiträge: 28
  • Geschlecht: Männlich
Re:unbekannte Mail
« Antwort #2 am: 17.10.03 - 12:31:07 »
es ist kein Spam. Der Mail Router bringt nicht die Fehlermeldung, das die Person nicht im NAB vorhanden ist. Es ist noch ein 4.6 Notes Server.
Die Felder enthalten die Richtigen namen.

Offline Semeaphoros

  • Gold Platin u.s.w. member:)
  • *****
  • Beiträge: 8.152
  • Geschlecht: Männlich
  • ho semeaphoros - agr.: der Notesträger
    • LIGONET GmbH
Re:unbekannte Mail
« Antwort #3 am: 17.10.03 - 12:37:38 »
Ah, dann ist aber bei Dir das Relaying nicht ausgeschaltet (böse, böse). Da gibt es Notes.ini Variablen, die unter 4.6 gesetzt werden müssen (leider ist das damals noch nicht in der Konfiguration drin gewesen). Ich hoffe, jetzt, jemand hat diese Dinger grade mal zur Hand, ich weiss sie nämlich nimmer ....... :-((
Jens-B. Augustiny

Beratung und Unterstützung für Notes und Domino Infrastruktur und Anwendungen

Homepage: http://www.ligonet.ch

IBM Certified Advanced Application Developer - Lotus Notes and Domino 7 und 6
IBM Certified Advanced System Administrator - Lotus Notes and Domino 7 und 6

Glombi

  • Gast
Re:unbekannte Mail
« Antwort #4 am: 17.10.03 - 13:04:09 »
Hier:

SMTPMTA_ALLOW_KNOWN_DOMAINS Provides for Enhanced Relay Limitation on SMTP MTA

Problem:

A customer wants to protect his Domino 4.6.4 SMTP MTA from being used as a mail relay while also enabling POP3 clients to send outbound (relay) from the SMTP MTA.

Solution:

The Release 4.6.4 SMTP MTA supports the new  NOTES.INI variable SMTPMTA_ALLOW_KNOWN_DOMAINS, which activates an enhanced relay limitation mechanism that provides for configuration of domains for which relay is allowed.  If this variable is present and has a non-zero value assigned, the following rules described will be enforced:

Mail for a recipient will be rejected if:  The connecting host resides in an unknown domain and the recipient also resides in an unknown domain.

Mail for a recipient will be accepted if:  Either the connecting host or the recipient resides in a known domain.

In addition to the "local" domain, all domains identified in the Global Domain document's Internet Domain Suffix List will be considered "known domains" when applying the rules described above.  If the SMTP MTA decides that a disallowed relay is being attempted, it will return the following reply to the sending host:

"501 This MTA does not relay, from: [connecting host name] to : [recipient domain name]"

These are the steps to configure:

1.   Domino Server version 4.6.4 or higher required.

2.   SMTPMTA_ALLOW_KNOWN_DOMAINS=1 should not be used in conjunction with SMTPMTA_REJECT_RELAYS=1.

3.   SMTPMTA_ALLOW_KNOWN_DOMAINS=1 uses the "Internet Domain Suffix" section of the SMTPMTA's Global Domain document to specify known domains, those not listed are considered unknown and attempts to relay will be rejected .


und hier:

MAPS Relay Spam Stopper Adds Lotus Domino 4.6x Servers to Its BlackList

Problem:

The Mail Abuse Prevention System (MAPS) is a monitoring service that prevents Spamming and Open Relay systems.  A customer reports that this monitoring service has blacklisted their Domino SMTP MTA 4.6x server, so mail can no longer be routed.  The error message received is as follows, depending on the different logging levels set by the administrator:

"Refused by blackhole site"

 or

"An SMTP protocol error was detected. The peer SMTP returned an invalid reply code."

Solution:

To prevent the open relays on the Domino 4.6.4 or later SMTP MTA, you must specify one of the following options and include both (or all three, if using Option 2) NOTES.INI settings on the SMTP MTA server (NOTE:  These settings work only for 4.6x; they are not applicable in Domino R5):

Option 1:
1:  SMTP_OCH_REJECT_SMTP_ORIGINATED_MESSAGES=1
2:  SMTPMTA_REJECT_RELAYS=1

This option may still fail the relay test because the relay challenge is not checked until the conversion task attempts to convert the message.

Option 2 (Recommended):
1:  SMTP_OCH_REJECT_SMTP_ORIGINATED_MESSAGES=1
2:  SMTPMTA_ALLOW_KNOWN_DOMAINS=1
3:  SMTPMTA_RELAY_FORWARDS=1

This option will reject the message during the conversation because SMTPMTA_ALLOW_KNOWN_DOMAINS is configured to reject the message before receiving it; unlike the SMTPMTA_REJECT_RELAYS parameter, this feature will reject the message after the message is received during the conversion process.

Error message received during communication when running the SMTPMTA_ALLOW_KNOWN_DOMAINS:

"501 This MTA is configured NOT to relay message from [acme.com] to [domainabcde.com]."

Note: The SMTPMTA_REJECT_RELAYS setting rejects all messages not intended for the local Internet domain, but the SMTPMTA_ALLOW_KNOWN_DOMAINS setting allows relays for domains listed in the Internet domain suffix of the Global Domain document.  For further information, refer to the document titled "SMTPMTA_ALLOW_KNOWN_DOMAINS Rejects Users with DHCP Assigned Addresses" (#172663 ).

In addition, from the 4.6.4 Release Notes:

SMTPMTA_ALLOW_KNOWN_DOMAINS is a new variable which activates an enhanced relay limitation mechanism that provides for configuration of domains for which relay is allowed.

Supporting Information:

The details of the MSS Relay Blacklisting can be found at http://www.mail-abuse.org

Some other parameters useful in open relay protection are as follows:

SMTPMTA_DENIED_DOMAINS=filename
Can be used if the domain that is sending the spam mail smtpmta server is known.  This will reject all connections from that domain.

SMTPMTA_HELO_DOMAIN_VERIFY=1
This is used to authenticate the domain name specified in the HELO/EHLO smtp command.

SMTPMTA_RELAY_FORWARDS=1
When this variable is set, the SMTP MTA checks if a recipient has a forwarding address.  If the forwarding
address is an SMTP 821 address, it relays the message back out without conversion.

(For more information on the above NOTES.INI features, refer to the document titled "Certified NOTES.INI Parameters for SMTP MTA on Domino 4.6.2 and 4.6.2a" (#167173 )

und hier:
SMTPMTA_ALLOW_KNOWN_DOMAINS Rejects Users with DHCP Assigned Addresses

Problem:

You are running Domino Server release 4.6.4 or higher and implemented SMTPMTA_ALLOW_KNOWN_DOMAINS=1.  You are noticing that your internal POP3 or IMAP users are not able to send outbound SMTP messages.  This parameter was implemented into the product to allow for internal hosts to use this server as an outbound relay for SMTP messages.

"501 This MTA does not relay, from: [connecting host name] to : [recipient domain name]"

Why are users getting delivery failures for messages they sent to external Internet users?

Solution:

This issue was reported to Lotus Quality Engineering; however, it was determined not to be a software problem.

SMTPMTA_ALLOW_KNOWN_DOMAINS
The variable SMTPMTA_ALLOW_KNOWN_DOMAINS supports an enhanced relay limitation mechanism that provides for configuration of domains for which relay is allowed.  The variable is assigned a value of either zero or non-zero (ex. SMTPMTA_ALLOW_KNOWN_DOMAINS=1).  If this variable is present and has a non-zero value assigned, then the following rules will be enforced:

Mail for a recipient will be rejected if the connecting host resides in an unknown domain and the recipient also resides in an unknown domain.  A failure message will be sent to LOG.NSF when SMTP MTA rejects inbound mail for this reason.

Mail for a recipient will be accepted if either the connecting host or the recipient resides in a known domain.

In addition to the "local" domain, all domains identified in the Global Domain record (Internet Domain Suffix List) will be considered "known domains" when applying the rules described above.  If the MTA decides that a disallowed relay is being attempted, it will return the following reply to the sending host:
"501 This MTA does not relay, from: [connecting host name] to : [recipient domain name]"
If local Mail Clients are utilizing dynamically allocated (DHCP) TCP/IP addresses, it may not be possible for the SMTP MTA to obtain the "domain name" of these Mail Clients via the Domain Name Service (DNS).  Because the SMTP MTA may not be able to obtain the Domain Name for this local Mail Client, it will assume that this is a host in an unknown domain and possibly reject mail from it.  It is therefore recommended that if such local Mail Clients are to be utilized, the Network Administrator configure the DHCP Server so that all IP Addresses it assigns are registered with the DNS and assigned a valid Domain Name.
« Letzte Änderung: 17.10.03 - 13:05:43 von Glombi »

Offline Semeaphoros

  • Gold Platin u.s.w. member:)
  • *****
  • Beiträge: 8.152
  • Geschlecht: Männlich
  • ho semeaphoros - agr.: der Notesträger
    • LIGONET GmbH
Re:unbekannte Mail
« Antwort #5 am: 17.10.03 - 13:35:33 »
Ah, danke Andreas, ich wusste doch, dass hier irgendwo ein zuverlässiger Kollege gleich um die Ecke schauen wird :-)
Jens-B. Augustiny

Beratung und Unterstützung für Notes und Domino Infrastruktur und Anwendungen

Homepage: http://www.ligonet.ch

IBM Certified Advanced Application Developer - Lotus Notes and Domino 7 und 6
IBM Certified Advanced System Administrator - Lotus Notes and Domino 7 und 6

 

Impressum Atnotes.de  -  Powered by Syslords Solutions  -  Datenschutz