[Info-vax] SFF problem with VSI on Integrity?

[Richard Jordan]

On 8/14/24 6:58 PM, Stephen Hoffman wrote:
> On 2024-08-14 01:25:48 +0000, Richard Jordan said:
> 
>> On 8/13/24 6:28 PM, Stephen Hoffman wrote:
>>> On 2024-08-13 14:54:42 +0000, Richard Jordan said:
>>>
>>>> Problem identified.  There was an incorrect parameter in the 
>>>> TCPIP$SMTP.CONF file.
>>>
>>>
>>> That TCPIP$SMTP.CONF file is all too reminiscent of the recent 
>>> CrowdStrike mess.
>>>
>>> If that configuration file is missing or empty, OpenVMS SMTP turns 
>>> into an open relay, too. No errors.
>>>
>>>
>> Yes.  It was unfortunate that drastic SMTP config changes were made in 
>> an ECO to 5.7 that were never really followed up on too.  Or 
>> documented...  Hopefully 6.0 will be better.
> 
> 
> Or tested, seemingly. Defaulting to an open relay is just spectacularly 
> stupid. Default an unconfigured mail server startup to a safe 
> configuration (e.g. local only), and generate appropriate log chatter.
> 
> I've cobbled together mail relaying for some installation requirements, 
> but it's likely safer to disable the SMTP giblets within the grafted-on 
> IP stack entirely, and modify the apps to access a remote mail server 
> using either direct or indirect ESMTP access.
> 
> 
> 
In this case the VMS system receives no email and has no public 
exposure.  It can send email 'anywhere' but relays through the company's 
primary SMTP server.  It works fine for current needs; using SENDMAIL 
(and TCPIP$SFF) to add the Reply-To header option is a new request, and 
led to the discovery of this problem.

Thanks again to those who responded to the initial query; I really 
thought a new bug had been exposed, not  just a bad config entry.