GWIA relaying anyway?

MrClinker

MIS
Mar 22, 2002
19
UY
Dear experts:

I use GroupWise 5.5, with relaying NOT allowed, but I think that my system is relaying messages anyway. I have BorderManager 3.5 with access rules enforced regarding the use of SMTP port 25.

Anyway, in my GWIA DEFER folder I have many files like this:
----------------------------
yahoo.co.kr
HELO mi.cartigas.com.uy
MAIL FROM:<>
RCPT TO:<zwpjvx166xsxfxqq@yahoo.co.kr>
DATA
---------------------------

and like this:
----------------------------
aaa.com
HELO mi.cartigas.com.uy
MAIL FROM:<>
RCPT TO:<b183132@aaa.com>
DATA
Received: from Dommi-Message_Server by mi.cartigas.com.uy
with Novell_GroupWise; Fri, 01 Oct 2004 00:31:24 -0300
Message-Id: <s15ca55c.036@mi.cartigas.com.uy>
X-Mailer: Novell GroupWise 5.5
Date: Fri, 01 Oct 2004 00:31:24 -0300
Return-path: <>
From: Mailer-Daemon@mi.cartigas.com.uy
To: b183132@aaa.com
Subject: Message status - undeliverable
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=_2606369C.13721E2F"

This is a MIME message. If you are reading this text, you may want to
consider changing to a mail reader or gateway that understands how to
properly handle MIME multipart messages.

--=_2606369C.13721E2F
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline

The message that you sent was undeliverable to the following:
kiss5785@hanmail.net (access denied)

Possibly truncated original message follows:

--=_2606369C.13721E2F
Content-Type: message/rfc822

Received: from pc1-raupxv7bogz
([222.101.168.62])
by mi.cartigas.com.uy; Fri, 01 Oct 2004 00:30:55 -0300
From: 1001@@@<b183132@aaa.com>
To: kiss5785@hanmail.net
Subject: 207.138.162.139
Content-Type: text/html; charset=EUC-KR
<HTML><HEAD><META http-equiv=Content-Type content="text/html; charset=EUC-KR"></HEAD>
<BODY>SMTP <FONT COLOR="blue"> Scanning... </BODY>
º¸³½³¯Â¥ : 2004-10-01 12:31:43

--=_2606369C.13721E2F--
.
QUIT
-----------------------------

Is my server relaying? How can I tell GWIA not to save these files in the DEFER directory?

Thank you very much,

Gerardo.
Minas - Uruguay
South America.
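
Added example, not part of the original thread: both files in the post carry a null reverse-path (`MAIL FROM:<>`), which is how SMTP marks delivery status notifications, so this sketch sorts queued DEFER files into bounces, relay candidates and ordinary outbound mail. It assumes the file layout shown in the post and a local domain of `cartigas.com.uy` (taken from the HELO name); the second and third samples are constructed.

```python
import re
from collections import Counter

LOCAL_DOMAIN = "cartigas.com.uy"  # assumption: derived from the HELO name in the post
ENVELOPE = re.compile(r"^(MAIL FROM|RCPT TO):\s*<([^>]*)>", re.I)
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def is_local(addr):
    domain = addr.rpartition("@")[2].lower()
    return domain == LOCAL_DOMAIN or domain.endswith("." + LOCAL_DOMAIN)

def classify(text):
    """Return (kind, sender, recipients, origin_ip) for one queued file."""
    sender, rcpts, origin = None, [], None
    lines = [l.strip() for l in text.splitlines()]
    for i, line in enumerate(lines):
        m = ENVELOPE.match(line)
        if m and m.group(1).upper() == "MAIL FROM":
            sender = m.group(2)
        elif m:
            rcpts.append(m.group(2))
        elif line.upper() == "DATA":
            # Past the envelope: take the first bracketed IP in the message.
            # In the post's bounce it sits in the embedded Received header.
            ip = BRACKETED_IP.search("\n".join(lines[i + 1:]))
            origin = ip.group(1) if ip else None
            break
    if sender is None or not rcpts:
        kind = "unparsed"
    elif sender == "":
        kind = "bounce"    # null reverse-path: a delivery status notice
    elif not is_local(sender) and not all(is_local(r) for r in rcpts):
        kind = "relay"     # foreign sender to foreign recipient
    else:
        kind = "outbound"  # a forged local sender would also land here
    return kind, sender, rcpts, origin

# Samples: the first is abbreviated from the post, the other two are constructed.
SAMPLES = {
    "bounce.txt": "aaa.com\nHELO mi.cartigas.com.uy\nMAIL FROM:<>\n"
                  "RCPT TO:<b183132@aaa.com>\nDATA\nReturn-path: <>\n"
                  "Received: from pc1-raupxv7bogz\n([222.101.168.62])\n"
                  "by mi.cartigas.com.uy\n.\nQUIT\n",
    "relay.txt": "example.net\nHELO mi.cartigas.com.uy\n"
                 "MAIL FROM:<a@example.org>\nRCPT TO:<b@example.net>\nDATA\n.\nQUIT\n",
    "user.txt": "example.net\nHELO mi.cartigas.com.uy\n"
                "MAIL FROM:<user@cartigas.com.uy>\nRCPT TO:<b@example.net>\nDATA\n.\nQUIT\n",
}

def summarize(files):
    """Count queued files per kind; files maps a name to its text."""
    return Counter(classify(body)[0] for body in files.values())
```

A queue that summarizes to bounces only means the gateway refused the messages and is queuing non-delivery notices to the claimed senders; the origin address returned for each bounce is the host that submitted the refused message.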
 
It has been a while since I had v5.5.x in production (currently under v6.5.x). I was able to find some notes I had archived away concerning relaying for v5.5.x. They might be helpful to you.

NOTES:

GroupWise 5 GroupWise Internet Agent (GWIA) may be partially secured against unauthorized relay. This is not, however, complete relay control, and third parties may still take advantage of your system.
Using NWAdmin, go to the details page of the Gateway. Click on the "Access Control" tab, and then the "SMTP Relay" button. Check the "Prevent Message Relaying" radio button, then click OK.

There is a workaround to secure the GroupWise SMTP/MIME gateway. Edit the DOMAIN/WPGATE/SMTP/GWSMTP.CFG file (with any text editor) and add the switch "/NOROUTING". Mail relay will now be disabled. If you have the option set to save problem mail, the messages instead will be saved into your problem directory, so be sure to keep an eye on it.
In version 5.5, add "/NOROUTING" to the GWIA.CFG file in the SYS:SYSTEM folder.

We've been told that these relay control features simply do not work before version 5.5.4, and that even after 5.5.4 quoting the recipient address will bypass all of Groupwise's relay controls. Novell has released a patch which is reported to fix the "quote hack" in 5.5.4 (aka Groupwise 5.5 with Service Pack 4.) This patch will not work on earlier versions of Groupwise, or if SP4 is not installed. We have a copy of the documentation from the patch here <dnload/fgwia55c.txt>, and the self-extracting archive itself here <dnload/fgwia55c.exe>. It is also available from Novell's website <
GroupWise 6 is now the current release. It will prevent relay messages. Using the ConsoleOne admin utility, go to the properties of the GWIA gateway. Click on the "SMTP Relay Setting" from the "Access Control" tab/menu. Under the "SMTP Defaults" box, check the "Prevent Message Relaying" radio button, then click OK. The GWIA will restart on its own. The GWIA can now be tested for relay by following this Novell TID < and using "rcpt to: test@nodomain.com". You should receive a "550 Relaying denied".


FarOut
V-Peace-V
 
Except that this 5.5.4 patch doesn't work.

5.5.4 does indeed NOT relay by adding the "/NOROUTING" to the GWIA.CFG file in the SYS:SYSTEM folder.

The problem is that the messages are NOT deleted.
They pile up in the DEFER folder.
Bouncing back and forth between DEFER/SEND.
I eventually had to delete more than 89,000 files
from these folders before GWIA was brought to its knees.
The messages keep getting queued up.

And NO, Symantec Corp AV NLM for Novell does NOT in ANY WAY
find the embedded Netsky virus in the MIME section.

Damn Symantec.

I'm trying to get my client to install ASSP or GW 6.5.



 
Deleting these messages is not enough. I was running into this all the time. There is a TID on Novell about a way to properly get rid of all these messages. What I usually do is shut down the GWIA, then delete or rename the defer, send, receive and result. Then start GWIA back up and it will create these necessary directories. I think this works in 5.5.4; I know it works in 5.5.5. This cleans them out temporarily.

Susan Hebel, MASE, CNE
Senior Network Engineer
TCI Systems, Inc.
 
TID 10008353: GWIA abending due to corrupted config files.
TID 10024174: Also not relevant since the SMTP check box for Stop relaying is off, has been off for years.
So are the forward to postmaster, enable mailbomb protection and save copy in X folder options.

But thanks for trying.
Customer is just going to have to upgrade.

GW 5.5.5 doesn't relay, but does accumulate spam in the TID-mentioned folders.

Tra La La

George Walkey
Senior Geek in charge
 
It doesn't matter whether the GWIA is abending or not. If you try what I suggested it will work. I have done it on several clients' servers. Just follow the renaming process.

Susan Hebel, MASE, CNE
Senior Network Engineer
TCI Systems, Inc.
 