Author Topic: Mail Scanner creates an open relay?  (Read 2526 times)

0 Members and 1 Guest are viewing this topic.

Offline zelani

  • Newbie
  • *
  • Posts: 13
Mail Scanner creates an open relay?
« on: August 31, 2004, 03:29:38 AM »
Avast Pro 4.1.418 on Win XP Pro
Winmail Mail Server 3.8
Apache Server 2.0.50

Since I host my own domain and email - I set up the avast mail scanner to intervene ... avast was listening on ports 25 and 110 , then after scanning it forwards to the actual mail server I hid on ports 40025 and 40110.  Since my server receives mail from anyone sending it to me I have to bind the mail scanner to my network IP not to 127.0.0.1

Everything worked perfectly.  Only one problem.  From my log files I can see that avast does not pass off the originating IP address to the mail server.  My mail server receives from avast, MY IP address as the originating IP address -- therefore all mail is considered to be from me and can be relayed.  I can compare the two log files (avast and the server log) and I can get the originating IP from the avast log file, so I can see exactly what happened to allow the relay.

Now I do realize that avast pro wasn't designed to be used in exactly this type of situation.

I solved my problem by removing avast from the mail server side and putting it between my email client (The Bat!) and my server like it was intended to be used.  But I'm curious if anyone else has any experience with this, I read the entire avast.ini thread  but no help, thought there might be a switch or setting that could effect this?
by bill
bbzz@zelani.net


My favorite question is WHY.  My second favorite is WHY NOT.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Mail Scanner creates an open relay?
« Reply #1 on: August 31, 2004, 08:48:25 AM »
You're basically correct. If you enable aswMaiSv to listen on non-localhost addresses, it will create an open relay...
If at first you don't succeed, then skydiving's not for you.

Offline zelani

  • Newbie
  • *
  • Posts: 13
Re:Mail Scanner creates an open relay?
« Reply #2 on: August 31, 2004, 10:12:42 AM »
I know avast pro isn't intended to protect a server.
Downside is, as I understand it, avast server only runs on Windows $erver, which is huge overkill for the small server I run/need.  Unless I missed something there really isn't a product in the middle for this kind of situation.  Something that'll run on XP pro.
I solved my problem for now but I wish I could put the antivirus between the internet and the mail server.

by bill
bbzz@zelani.net


My favorite question is WHY.  My second favorite is WHY NOT.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Mail Scanner creates an open relay?
« Reply #3 on: August 31, 2004, 10:38:25 AM »
avast! Server Edition runs under workstation OS's as well but you probably won't like its price tag. :)
If at first you don't succeed, then skydiving's not for you.

Offline zelani

  • Newbie
  • *
  • Posts: 13
Re:Mail Scanner creates an open relay?
« Reply #4 on: August 31, 2004, 11:44:18 AM »
Actually the $399 part didn't bother me.  I read the page http://www.avast.com/eng/avast_4_server.html#3 which leads me to believe that it needs a server OS - since all the similar products I've looked at do.  

It'll run on XP Pro ?  And sit in front of my mail server like I want it to, or will I have to get the smtp plug in also, http://www.avast.com/eng/avast_smtp.html - I don't run IIS at all, winmail leans on apache.

by bill
bbzz@zelani.net


My favorite question is WHY.  My second favorite is WHY NOT.