Qmail open relay

Hey there. This is my first post. Here I will describe what measures I took to close the relay on a friend's qmail.

First of all, my friend approached me and told me he had trouble sending mail anywhere but locally, so I logged into his server (knowing your friend’s password and root password is really an advantage), and checked out the qmail logs:

I ran the following commands:

tail -f /var/log/qmail/current /var/log/qmail/qmail-smtpd/current

It was pretty obvious to me that this server was being used by more Chinese people than the subway of Beijing (trust me, I lived there for five months).

Confronting my friend with this he admitted that he had received a notice about being in some sort of spam-list. Well, that figures, doesn’t it?

So I shut down the qmail smtpd server:

qmailctl stop

I quickly discovered that the source of our problem was a missing rcpthosts file, only deleted because he thought it blocked him from sending mail. He had made a backup copy, so I recreated it:

mv rcpthosts.bak rcpthosts

After restarting the server, I found out that thousands of mails were still in the queue. Not wanting to send them out, which is the normal procedure for emptying the queue, I had to delete them manually:

cd /var/qmail/queue
mv remote remote.old
mkdir remote
chown qmails:qmail remote

Now a quick restart of qmail and our troubles were over:

qmailctl start
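
An added example, not part of the original post: a small shell check for the condition described above, where a missing rcpthosts makes qmail-smtpd accept mail for any recipient domain. It also flags a catch-all RELAYCLIENT rule in a tcpserver rules file, a second open-relay setting the post does not cover; the function name and the /etc/tcp.smtp path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: audit the qmail settings that decide whether
# qmail-smtpd relays for strangers.
# Usage (paths are assumptions; adjust to the install):
#   check_qmail_relay /var/qmail/control /etc/tcp.smtp
# Returns 0 if relaying is restricted, 1 if an open-relay condition is found.
check_qmail_relay() {
    control_dir=$1
    tcprules=${2:-}
    status=0

    # With no control/rcpthosts, qmail-smtpd accepts any recipient domain.
    if [ ! -f "$control_dir/rcpthosts" ]; then
        echo "OPEN: $control_dir/rcpthosts is missing"
        status=1
    elif ! grep -q '[^[:space:]]' "$control_dir/rcpthosts"; then
        # Present but empty: not an open relay, but no domain is listed.
        echo "WARN: $control_dir/rcpthosts lists no domains"
    fi

    # RELAYCLIENT makes qmail-smtpd ignore rcpthosts for matching clients.
    # A rule with an empty address (":allow,...") matches every client.
    # This reads the text rules; tcpserver uses the compiled .cdb, so
    # rebuild it with tcprules after any correction.
    if [ -n "$tcprules" ] && [ -f "$tcprules" ]; then
        if grep -q '^:allow.*RELAYCLIENT=' "$tcprules"; then
            echo "OPEN: catch-all rule in $tcprules sets RELAYCLIENT"
            status=1
        fi
    fi

    [ "$status" -eq 0 ] && echo "OK: relay restricted"
    return "$status"
}
```

Running it before `qmailctl start` confirms the restored rcpthosts is in place before the SMTP daemon accepts connections again.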
