|
Zak, Is this at G1? Your public MX is an exchange box, so if that box is forwarding to your iSeries make sure relay is turned off in the exchange box. Also, if that box is forwarding then there is no reason for the outside world to talk to the iSeries on port 25 at all, so close it in the firewall. If this isn't at G1 then, no you cannot close the port on the firewall. All inbound mail comes in to port 25. Part of the SMTP protocol is a rcpt to command. A good conversation would be: HELO sendingdomain.com MAIL FROM: <sender@domain.com> RCPT TO: <goodguy@yourdomain.com> ... A relay would be: HELO probablyfakesendingdomain.com MAIL FROM: <probablyinvalid@nowhere.com> RCPT TO: <poorspamreceipent@someotherdomain.com> In the second case your iSeries happily "helps" the SPAMer by sending the mail off to someotherdomain.com. Since both valid and relay mail use the same port you can't stop it at a firewall. You could install a SMTP gateway in the mix and block relaying on it, that would also allow you to run some virus scanning software for your e-mails, but as you pointed out there is relay protection on the iSeries too. Does that protection go back to V4R2? -Walden ------------ Walden H Leverich III President Tech Software (516) 627-3800 x11 (208) 692-3308 eFax WaldenL@TechSoftInc.com http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.) -----Original Message----- From: Metz, Zak [mailto:Zak_Metz@G1.com] Sent: Friday, July 26, 2002 11:35 To: 'midrange-l@midrange.com' Subject: RE: Relay Server This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. -- [ Picked text/plain from multipart/alternative ] Done, and tried some variations, but as soon as I start SMTP it starts chewing away again. Subsystem/Job User Type CPU % Function Status QTSMTPSRVR QTCP BCH 54.2 PGM-QTMSSRCP RUN QTGTELNETS QTCP BCH .2 DEQA QTSMTPCLNT QTCP BCH 20.7 PGM-QTMSCLCP SELW QPADEV0004 ZAK INT 4.8 CMD-WAJ RUN DEFAULT QTMHHTTP BCI 3.4 DEQW DEFAULT QTMHHTTP BCI .4 SIGW DEFAULT QTMHHTTP BCH .4 PGM-QTMHHTTP RUN I kinda get the feeling that the data area isn't working. Let me take this from another angle. I have a firewall/router. I should never have anyone outside the firewall sending outgoing mail through the AS/400. Can I close a port without preventing legit e-mail from coming in? -----Original Message----- From: Sean Porterfield [mailto:sporter@bestdist.com] Sent: Friday, July 26, 2002 11:21 AM To: midrange-l@midrange.com Subject: RE: Relay Server >-----Original Message----- >From: Metz, Zak >I'm at r420. I created the QUSRSYS/QTMSNORLY data area to deny >spammers, but it looks like someone is using my system for just that >right now. How can I blow away all mail in the process of being sent? >This is a tiny system so I'm not concerned about accidentally blowing >away real mail. Thanks! IIRC: ENDMSF ENDTCPSVR *SMTP STRTCPSVR *SMTP STRMSF *CLEAR But I may have the order wrong. _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.