[Info-vax] TCPIP tying up system

JF Mezei jfmezei.spamnot at vaxination.ca
Tue Nov 30 18:38:52 EST 2010 

Jan-Erik Soderholm wrote:

> What does "facing the internet" mean ? 

Will be receiving messages from outside your network.


> As far as TCPIP
> Services in concerned, it doesn't see any difference between
> any (local) TCPIP host and "the Internet". There is nothing
> magic about "the Internet"...

Yes there is.

The goal is to prevent foreigner to send to the chocolate.com smtp
server with a foreign destination email address @bakery.com

But any foreigner should be able to send to any destination within
chocolate.com

And anyone within chocolate.com should be able to send to anyone on the
internet.

The key is to identify what the local delivery zone is (for whom you
accept email coming from the outside, defined by Relay Zones: , as well
as identify the local network from which users can address to anyone on
the internet (Good-Clients:).

For the Relay-Zones: mechanism to work, the NORELAY has to be switched
to RELAY in the TCPIP SET SERVICE  portion.

Say you receive on behalf of both chocolate.com and bakery.com, then you
need to set the service to RELAY, and then define both domains in the
Relay Zones so the SMTP server knows that it can relay mail coming from
anywhere if adressed to any of those 2 domains.

I believe NORELAY also prevents the SMTP server from relaying to another
local SMTP server when the email is from the outside, but not sure.
(consider a case of a gateway SMTP server getting an email from internet
that should be delivered to the SMTP server rthat serves the payroll
department.


> (external) servers/hosts. As long as a local VMS user is
> either the sender or receiver, there is no need for RELAY.

To have proper definition of "local VMS user", you need to enable RELAY
to get the config file Relay Zones: to kick in.

> Note that, if you have some software localy on your VMS
> server that actualy opens port 25 on "localhost" and writes
> directly to the SMTP server (the recevier part), that is
> also (as far as the SMTP server is concerned) beeing seen
> as an external call. The NBL tool is one such tool.

This depends on the definition of Good Clients: If you open a socket to
the smtp server from an IP address included in Good Clients: then you
are allowed to relay to anywhere in the world. This is based on IP address.

More information about the Info-vax mailing list