WinGate Forums

WinGate Proxy Server and other Qbik products

Skip to content

SMTP Ban List

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

Post a reply

SMTP Ban List

Postby mikebos » Jul 03 04 6:08 pm

Hi,

Using WG5.2.3 which also hosts WGmail. 1 domain + 1 pointer domain

System Policy Everyone assumed.
SMTP requires Guest to receive inbound mail.

Untrusted relaying turned off, we are still proxying spam, even after a WG reinstall.

Tried Ban List
Not Met If SMTP recipient ends in Domain1
Not Met If SMTP recipient ends in Domain2
No inbound mail

Tried Advanced
Not Met If SMTP recipient ends in Domain1
Not Met If SMTP recipient ends in Domain2
No inbound mail

How do I open SMTP to ONLY receive mail to local mailboxes.

Regards
Mike Bos
mikebos
 
Posts: 39
Joined: Nov 11 03 2:55 pm
Top

Postby adrien » Jul 03 04 10:56 pm

Hi Mike

if you have untrusted sender relaying turned off, 5.2.3 will only relay if a user is trusted (and relay for trusted users is on).

A user can be trusted if

a) they authenticate to WinGate somehow
b) there is an assumption which maps their IP to a user account
c) they connect on an adapter which is designated as private/internal

So for spammers to be able to relay, I would check that they aren't authenticating (do all your accounts have passwords assigned?), and also check that the adapters are properly assigned, under Options->Advanced->network interfaces.

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland
Top

SMTP Ban List

Postby mikebos » Jul 04 04 4:17 pm

Hi Adrien,

Untrusted Relaying Off
Trusted Relaying On
ADSL Card is untrusted, Firewall reporting correctly
All assumed IP's are local 192.168.0.*
Local NIC is trusted
All users have passwords but are assumed by NetBios Name/Local IP
Firewall Hole 25 SMTP, 491 WWW Server1, 8080 WWW server2,
Policies, Advanced, Non-proxy is True
I have GIF screendumps of current queue of outbound spam and GK reporting an attempt to relay, queue disppears.

So, how do I ban mail not directed to local users

Regards
Mike
1.01 WINGATE CONFIGURATION REPORT

1.02 Sunday, July 04, 2004, 13:16

1.03

1.04 ---------------------------------------------

1.05 WinGate Engine

1.06 ---------------------------------------------

1.07 WinGate 5.2.3 (Build 901)

1.08 Operating System: Windows 2000 (NT 5.0)

1.09 Language:

1.10

3.01 ---------------------------------------------

3.02 Licence details

3.03 ---------------------------------------------

3.04 Version: WinGate 5 Professional

3.05 Expiry: Does not expire

3.06 Num. users: 10

3.07 Max. users: 12 users

3.08 User database: WinGate

3.09

4.01 ---------------------------------------------

4.02 Dialer information

4.03 ---------------------------------------------

4.04 Dialer is enabled

4.05 Profiles:

4.06 GlobespanVirata Dial-Up PPP Connection (Enabled) 3 retries

4.07 Overall retries: 1

4.08

5.01 ---------------------------------------------

5.02 Network Interfaces

5.03 ---------------------------------------------

5.04 GlobespanVirata Dial-Up PPP Connection (RAS) [External] [Unsecure]

5.05 192.168.0.1 (LAN) [Internal] [Secure]

5.06 127.0.0.1 (LOOPBACK) [Internal] [Secure]

5.07

6.01 ---------------------------------------------

6.02 Services

6.03 ---------------------------------------------

6.04

6.05 System Policies

6.06 ---------------------------------------------

6.07 Default System Access Rights:

6.08 Everyone - Restricted by security level

6.09 Default Start/Stop Rights:

6.10 Administrators - Unrestricted rights

6.11 Default Edit Rights:

6.12 Administrators - Unrestricted rights

6.13

6.14 POP3 Proxy server (POP3 Proxy server)

6.15 ---------------------------------------------

6.16 Session Timeout: 120

6.17 Port: 8110

6.18 Startup: Automatic start/stop

6.19 Binding 1: 192.168.0.1

6.20 Binding 2: 127.0.0.1

6.21 Access Rights: Defaults: may be used instead

6.22 Start/Stop Rights: Defaults: may be used instead

6.23 Edit Rights: Defaults: may be used instead

6.24

6.25 Telnet Proxy server (Telnet Proxy server)

6.26 ---------------------------------------------

6.27 Session Timeout: 60

6.28 Port: 23

6.29 Startup: Automatic start/stop

6.30 Binding 1: 192.168.0.1

6.31 Binding 2: 127.0.0.1

6.32 Access Rights: Defaults: may be used instead

6.33 Start/Stop Rights: Defaults: may be used instead

6.34 Edit Rights: Defaults: may be used instead

6.35

6.36 WWW Proxy server (WWW Proxy server)

6.37 ---------------------------------------------

6.38 Session Timeout: 60

6.39 Port: 80

6.40 Startup: Automatic start/stop

6.41 Binding 1: 192.168.0.1

6.42 Binding 2: 127.0.0.1

6.43 Access Rights: Defaults: may be used instead

6.44 Everyone - Restricted by request

6.45 Start/Stop Rights: Defaults: may be used instead

6.46 Edit Rights: Defaults: may be used instead

6.47

6.48 DHCP Service (DHCP Service)

6.49 ---------------------------------------------

6.50 Session Timeout: 60

6.51 Port: 67

6.52 Startup: Automatic start/stop

6.53 Binding 1: 192.168.0.1

6.54 Access Rights: Defaults: are ignored

6.55 Everyone - Unrestricted rights

6.56 Start/Stop Rights: Defaults: may be used instead

6.57 Edit Rights: Defaults: may be used instead

6.58

6.59 Winsock Redirector Service (Winsock Redirector Service)

6.60 ---------------------------------------------

6.61 Session Timeout: 20

6.62 Port: 2080

6.63 Startup: Automatic start/stop

6.64 Binding 1: 192.168.0.1

6.65 Binding 2: 127.0.0.1

6.66 Access Rights: Defaults: may be used instead

6.67 Start/Stop Rights: Defaults: may be used instead

6.68 Edit Rights: Defaults: may be used instead

6.69

6.70 FTP Proxy server (FTP Proxy server)

6.71 ---------------------------------------------

6.72 Session Timeout: 60

6.73 Port: 21

6.74 Startup: Automatic start/stop

6.75 Binding 1: 192.168.0.1

6.76 Binding 2: 127.0.0.1

6.77 Access Rights: Defaults: may be used instead

6.78 Start/Stop Rights: Defaults: may be used instead

6.79 Edit Rights: Defaults: may be used instead

6.80

6.81 RTSP Streaming Media Proxy (RTSP Streaming Media Proxy)

6.82 ---------------------------------------------

6.83 Session Timeout: 60

6.84 Port: 554

6.85 Startup: Automatic start/stop

6.86 Binding 1: 192.168.0.1

6.87 Binding 2: 127.0.0.1

6.88 Access Rights: Defaults: may be used instead

6.89 Start/Stop Rights: Defaults: may be used instead

6.90 Edit Rights: Defaults: may be used instead

6.91

6.92 SOCKS Proxy server (SOCKS Proxy server)

6.93 ---------------------------------------------

6.94 Session Timeout: 60

6.95 Port: 1080

6.96 Startup: Automatic start/stop

6.97 Binding 1: 192.168.0.1

6.98 Binding 2: 127.0.0.1

6.99 Access Rights: Defaults: may be used instead

6.100 Start/Stop Rights: Defaults: may be used instead

6.101 Edit Rights: Defaults: may be used instead

6.102

6.103 VDOLive Proxy server (VDOLive Proxy server)

6.104 ---------------------------------------------

6.105 Session Timeout: 60

6.106 Port: 7000

6.107 Startup: Automatic start/stop

6.108 Binding 1: 192.168.0.1

6.109 Binding 2: 127.0.0.1

6.110 Access Rights: Defaults: may be used instead

6.111 Start/Stop Rights: Defaults: may be used instead

6.112 Edit Rights: Defaults: may be used instead

6.113

6.114 ABC web server (ABC web server)

6.115 ---------------------------------------------

6.116 Session Timeout: 60

6.117 Port: 8080

6.118 Startup: Automatic start/stop

6.119 Bindings: ANY interface

6.120 Access Rights: Defaults: are ignored

6.121 Everyone - Restricted by request

6.122 Start/Stop Rights: Defaults: may be used instead

6.123 Edit Rights: Defaults: may be used instead

6.124

6.125 POP3 Server (POP3 Server)

6.126 ---------------------------------------------

6.127 Session Timeout: 120

6.128 Port: 110

6.129 Startup: Automatic start/stop

6.130 Binding 1: 192.168.0.1

6.131 Binding 2: 127.0.0.1

6.132 Access Rights: Defaults: may be used instead

6.133 Start/Stop Rights: Defaults: may be used instead

6.134 Edit Rights: Defaults: may be used instead

6.135

6.136 SMTP Server (SMTP Server)

6.137 ---------------------------------------------

6.138 Session Timeout: 300

6.139 Port: 25

6.140 Startup: Automatic start/stop

6.141 Bindings: ANY interface

6.142 Access Rights: Defaults: are ignored

6.143 Mail - Restricted by security level

6.144 Guest - Unrestricted rights

6.145 Start/Stop Rights: Defaults: may be used instead

6.146 Edit Rights: Defaults: may be used instead

6.147

6.148 GDP Service (GDP Service)

6.149 ---------------------------------------------

6.150 Session Timeout: 60

6.151 Port: 368

6.152 Startup: Automatic start/stop

6.153 Binding 1: 192.168.0.1

6.154 Binding 2: 127.0.0.1

6.155 Access Rights: Defaults: may be used instead

6.156 Start/Stop Rights: Defaults: may be used instead

6.157 Edit Rights: Defaults: may be used instead

6.158

6.159 XDMA Proxy service (XDMA Proxy service)

6.160 ---------------------------------------------

6.161 Session Timeout: 20

6.162 Port: 8000

6.163 Startup: Automatic start/stop

6.164 Binding 1: 192.168.0.1

6.165 Binding 2: 127.0.0.1

6.166 Access Rights: Defaults: may be used instead

6.167 Start/Stop Rights: Defaults: may be used instead

6.168 Edit Rights: Defaults: may be used instead

6.169

6.170 StudentAccom web server (StudentAccom web server)

6.171 ---------------------------------------------

6.172 Session Timeout: 60

6.173 Port: 491

6.174 Startup: Automatic start/stop

6.175 Bindings: ANY interface

6.176 Access Rights: Defaults: are ignored

6.177 Everyone - Unrestricted rights

6.178 Start/Stop Rights: Defaults: may be used instead

6.179 Edit Rights: Defaults: may be used instead

6.180

6.181 DNS Service (DNS Service)

6.182 ---------------------------------------------

6.183 Session Timeout: 60

6.184 Port: 53

6.185 Startup: Automatic start/stop

6.186 Binding 1: 192.168.0.1

6.187 Access Rights: Defaults: may be used instead

6.188 Start/Stop Rights: Defaults: may be used instead

6.189 Edit Rights: Defaults: may be used instead

6.190

6.191 WWW Server for viewing log files (Logfile Server)

6.192 ---------------------------------------------

6.193 Session Timeout: 60

6.194 Port: 8010

6.195 Startup: Automatic start/stop

6.196 Binding 1: 192.168.0.1

6.197 Binding 2: 127.0.0.1

6.198 Access Rights: Defaults: may be used instead

6.199 Start/Stop Rights: Defaults: may be used instead

6.200 Edit Rights: Defaults: may be used instead

6.201

6.202 Remote Control Service (Remote Control Service)

6.203 ---------------------------------------------

6.204 Session Timeout: 60

6.205 Port: 808

6.206 Startup: Automatic start/stop

6.207 Binding: 127.0.0.1

6.208 Access Rights: Defaults: may be used instead

6.209 Start/Stop Rights: Defaults: may be used instead

6.210 Edit Rights: Defaults: may be used instead

6.211

7.01 ---------------------------------------------

7.02 System Route Table

7.03 ---------------------------------------------

7.04 Current Route Table:

7.05 ---------------------------------------------

7.06 Network Mask Gateway Interface Metric

7.07 0.0.0.0 0.0.0.0 138.217.146.79 138.217.146.79 1

7.08 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

7.09 138.217.146.79 255.255.255.255 127.0.0.1 127.0.0.1 1

7.10 138.217.255.255 255.255.255.255 138.217.146.79 138.217.146.79 1

7.11 172.31.158.24 255.255.255.255 138.217.146.79 138.217.146.79 1

7.12 192.168.0.0 255.255.255.0 192.168.0.1 192.168.0.1 1

7.13 192.168.0.1 255.255.255.255 127.0.0.1 127.0.0.1 1

7.14 192.168.0.255 255.255.255.255 192.168.0.1 192.168.0.1 1

7.15 224.0.0.0 224.0.0.0 138.217.146.79 138.217.146.79 1

7.16 224.0.0.0 224.0.0.0 192.168.0.1 192.168.0.1 1

7.17 255.255.255.255 255.255.255.255 192.168.0.1 192.168.0.1 1

7.18

8.01 ---------------------------------------------

8.02 Enhanced Network Support

8.03 ---------------------------------------------

8.04 Enhanced Network Support: 5.10 Syz - Installed and active

8.05 Driver: Enabled

8.06 NAT: Enabled

8.07 Router: Enabled

8.08 Firewall level: Custom

8.09

8.10 Firewall

8.11 ---------------------------------------------

8.12 Disable network name broadcasts to the Internet: Enabled

8.13 Allow users to ping this machine locally: Enabled

8.14 Allow users to ping this machine from the Internet: Disabled

8.15 Discard spoofed packets: Enabled

8.16

8.17 Routing

8.18 ---------------------------------------------

8.19 Multiple default routes: Enabled

8.20 Relay UDP broadcast packets: Enabled

8.100

8.101 Port Security

8.102 ---------------------------------------------

8.103

8.104 Security for: External TCP

8.105 Action: Allow Port: 25 - Hole for SMTP Server

8.106 Action: Allow Port: 113 - AUTH

8.107 Action: Allow Port: 491 - Hole for StudentAccom web server

8.108 Action: Allow Port: 1024 - 4096 - External

8.109 Action: Allow Port: 8080 - Hole for ABC web server

8.110

8.111 Security for: External UDP

8.112 Action: Allow Port: 1024 - 4096 - External

8.113

8.114 Security for: Internal TCP

8.115 Action: Allow Port: 25 - Hole for SMTP Server

8.116

8.117 Security for: Internal UDP

8.118

8.119 Security for: NAT TCP

8.120 Action: Redirect Port: 25 - Transparent Redirect

8.121 Action: Redirect Port: 491 - Transparent Redirect

8.122 Action: Redirect Port: 8080 - Transparent Redirect

8.123

8.124 Security for: NAT UDP

8.500

9.01 ---------------------------------------------

9.02 END OF CONFIGURATION REPORT
mikebos
 
Posts: 39
Joined: Nov 11 03 2:55 pm
Top
Post a reply

Return to WinGate

Who is online

Users browsing this forum: No registered users and 6 guests

Switch to mobile style
Powered by phpBB® Forum Software © phpBB Group
cron