Is your mail server an open relay?

Posted by Steve on Mon 8 Nov 2004 at 09:41

Tags: ,

Open relays allow people to use your mail server to deliver spam and mail to people whilst using your resources.

None of the mail servers which are part of the Debian operating system are setup insecurely by default, but if you are new to setting up a mail server you should be cautious that you do not open your server accidently.

One very simple way of testing it is to fire off an automated test.

From your mail server run:

telnet relay-test.mail-abuse.org

This will attempt to connect back to your machine and run a series of mail relaying tests against it.

The success or failure will be printed at the end of the run.

If you are inadvertantly running as a relay consult your mail server documentation for tips on how to prevent it.

Add Comment XML logo Printable version

 

<<< Running Microsoft Windows inside Debian: qemu Setting up your own cross platform chat server >>>

 

 

#
Re: Is your mail server an open relay?
Posted by davee on Mon 8 Nov 2004 at 12:49
[ Send Message ]
telnet relay-test.mail-abuse.org 25
Is that supposed to do something? It just sits there for a minute and then times out: 
Trying 168.61.4.13...

Connected to Cygnus.Mail-Abuse.ORG.

Escape character is '^]'.

220 cygnus.mail-abuse.org ESMTP Postfix

421 cygnus.mail-abuse.org Error: timeout exceeded

Connection closed by foreign host.
Did you miss out any additional instructions?

[ Parent | Reply to this comment ]

#
Re: Is your mail server an open relay?
Posted by Steve on Mon 8 Nov 2004 at 12:54
[ Send Message | View Steve's Scratchpad | View Weblogs ]

D'oh.
I mistyped that by force of habbit, omit the '25' from the telnet command: 


steve@skx:~$ telnet relay-test.mail-abuse.org

Trying 168.61.4.13...

Connected to Cygnus.Mail-Abuse.ORG.

Escape character is '^]'.

Connecting to 212.13.199.210 ...

<<< 220 skx.vm.bytemark.co.uk ESMTP Exim 3.35 #1 Mon, 08 Nov 2004 12:52:47 +0000

>>> HELO cygnus.mail-abuse.org

<<< 250 skx.vm.bytemark.co.uk Hello cygnus.mail-abuse.org [168.61.4.13]

:Relay test: #Quote test

>>> mail from: 

<<< 250  is syntactically correct

>>> rcpt to: <'nobody@mail-abuse.org'>

<<< 501 <'nobody@mail-abuse.org'>: recipient address must contain a domain

>>> rset

<<< 250 Reset OK

:Relay test: #Test 1

...

...

...

System appeared to reject relay attempts

Connection closed by foreign host.


I'll edit the article to fix it.

-- Steve.org.uk

[ Parent | Reply to this comment ]

#
Re: Is your mail server an open relay?
Posted by Anonymous (216.220.xx.xx) on Wed 2 Mar 2005 at 18:12
It is also possible to do this straight from the abuse.net website, if that is easier when the need arises. See: http://www.abuse.net/relay.html

[ Parent | Reply to this comment ]

#
Re: Is your mail server an open relay?
Posted by Anonymous (68.74.xx.xx) on Wed 7 Mar 2007 at 17:35
Thanks! I was wondering whether or not I had my server set up correctly (which I did).

[ Parent | Reply to this comment ]

#
Re: Is your mail server an open relay?
Posted by Anonymous (67.131.xx.xx) on Mon 24 Sep 2007 at 21:14
The telnet server just times out for me.

I found another one that worked.

telnet rt.njabl.org 2500

[ Parent | Reply to this comment ]

Sign In

Username:

Password:

[Register|Advanced]

 

Flattr

 

Current Poll

Your version control software of choice is




( 839 votes ~ 9 comments )