Spotted differences to an open relay testing between qmail-1.03-r16 and netqmail-1.05-r4 by just changing the binaries compiled in /var/qmail/bin. Since netqmail is now the default for virtual/qmail, you may want to provide the same level of security that before mid-january. Might be a missing patch. Thanks. Reproducible: Always Steps to Reproduce: 1. Configure a mail server with netqmail-1.05-r4 2. Run http://www.rbl.jp/cgi-bin/svcheck.cgi?hostname=MAIL.DOMAIN.TLD&lang=en 3. Replace /var/qmail/bin binaries by the same compiled with qmail-1.03-r16 4. Run the same URL again Actual Results: Differences in results Expected Results: Identical results
Created attachment 108693 [details] Result of a qmail-1.03-r16 open relay test No relaying at all at the end of the test
Created attachment 108695 [details] Result of a netqmail-1.05-r4 open relay test 7 tests relayed
Most likely this is because we don't patch netqmail like we did with qmail. Please bug upstream (http://www.qmail.org/netqmail/) or use a custom patch if this is an issue for you. We won't add any non-upstream suggested patches to the mail-mta/netqmail ebuild because anything else would end in the same mess as mail-mta/qmail.
