Re: SFF problem with VSI on Integrity?

On 8/14/24 6:58 PM, Stephen Hoffman wrote:

On 2024-08-14 01:25:48 +0000, Richard Jordan said:
 

On 8/13/24 6:28 PM, Stephen Hoffman wrote:

On 2024-08-13 14:54:42 +0000, Richard Jordan said:
>

Problem identified.  There was an incorrect parameter in the TCPIP$SMTP.CONF file.

>
>
That TCPIP$SMTP.CONF file is all too reminiscent of the recent CrowdStrike mess.
>
If that configuration file is missing or empty, OpenVMS SMTP turns into an open relay, too. No errors.
>
>

Yes.  It was unfortunate that drastic SMTP config changes were made in an ECO to 5.7 that were never really followed up on too.  Or documented...  Hopefully 6.0 will be better.

  Or tested, seemingly. Defaulting to an open relay is just spectacularly stupid. Default an unconfigured mail server startup to a safe configuration (e.g. local only), and generate appropriate log chatter.
 I've cobbled together mail relaying for some installation requirements, but it's likely safer to disable the SMTP giblets within the grafted-on IP stack entirely, and modify the apps to access a remote mail server using either direct or indirect ESMTP access.
  

In this case the VMS system receives no email and has no public exposure.  It can send email 'anywhere' but relays through the company's primary SMTP server.  It works fine for current needs; using SENDMAIL (and TCPIP$SFF) to add the Reply-To header option is a new request, and led to the discovery of this problem.
Thanks again to those who responded to the initial query; I really thought a new bug had been exposed, not  just a bad config entry.