Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

GWIA set to prevent relay w/excepts, still allow unauth internal relay

Status
Not open for further replies.

lap73

MIS
Jul 11, 2001
13
US
I am running GroupWise 6.5 SP4. I have configured GWIA to prevent message relaying, and have included a list of allowed host in the Exceptions List. (GWIA_object, Access Control, SMTP Relay Settings, Prevent Relaying). This is working fine, all of the Allowed hosts are able to relay messages to both internal and external addresses.

I have also tested to make sure a host NOT on the Allow list, Cannot relay messages. That is when the problem occurs. From a workstation that is Not in the Allow List, I am Denied Relay when I try to send to an external Internet Domain. Great! That is working as excepted. However, if I send to my own Internal Domain (from the same PC), the GWIA allows the message to relay. Why?

Doesn't "prevent relaying" mean PREVENT RELAYING??

 
Generally speaking, "Relaying" means using one server to bounce mail off of and going to a DIFFERENT mail domain/server.

Sending mail to your internal domain is not relaying, it's mail delivery.



Marvin Huffaker, MCNE
 
Is that the case even if I am testing with a POP3 e-mail client (Outlook Express), and not my GroupWise client? I guess I assumed that if I configure Outlook Express to point to my GWIA as it's SMTP server, that I was simulating an external host attempting to Relay against the GWIA? Is there a better way to test that relaying is denied?

The reason for my question, is because we recently had an internal PC get infected with the Netski virus. This PC was clearly using our GWIA to relay and spread itself to other computers on the "internal" network. So now, the executives are looking for answers as to why our GWIA allowed this to happen.

 
If you are using Outlook... then it is OUTLOOKS fault, not the GWIA. The GWIA was just doing what any SMTP server will do. Nothing to do with GroupWise.

Any SMTP server will accept mail for a domain that it owns. That's how it is supposed to work. It doesn't matter the source whether its internal or external.

If you were using the GroupWise client instead of Outlook, this virus would not have spread. Your problem again, is with the lack of security built into Outlook.

Marvin Huffaker, MCNE
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top