Open Relay vulnerability?
How can I check my server for open relay vulnerability?
Thanks |
Submit your IP here: http://www.ordb.org/submit/
|
Actually, that's a bad way to do it. You don't want to get yourself blackholed if you are accidentally an open relay.
There's a very easy way to test. From a remote host (a friend's box, a shell account, etc.) use telnet to connect to port 25/tcp on your box and try to send a message through your server to another domain. For example, assume your domain is called "yourdomain.tld" and your mail server is "mail.yourdomain.tld". There is some third party domain (that you don't host) called "otherdomain.tld".
Code:
$ telnet mail.yourdomain.tld 25
If you are an open relay, review the instructions found at the MAPS TSI Anti-Relay site. |
yeah, look out
Chort is right. Don't use orbs. That's like calling the cops to come over and test those wild plants in your backyard to see if they contain THC.
You probably are NOT an open relay unless you really tried to mess with your MTA's settings. Every contemporary MTA ships with default settings that prohibit relaying. di11rod |
[mike@localhost mike]$ telnet orbit.localhost.com 25
Trying IP(real ip) address...
Connected to IP address
Escape character is '^]'.
220 orbit.localhost.com ESMTP Sendmail 8.11.6/8.11.6; Fri, 30 Jan 2004 08:07:46 -0500
Is this server open for relay? Thanks |
Getting a response from the system doesn't automatically imply that it's a relay. As chort suggested, try to send email to a user at another domain that is not handled by this system.
|
Ya, if you don't get a response from outside people won't be able to send mail to you:)
And just so you know, orbs never blacklists you the first time, they give you about a week before they retest, if you aren't fixed by then, you are screwed. |
Pay close attention. Things that you type are in BOLD. Responses are normal font.
Quote:
|
Great info by Chort. Good job!
di11rod |
It's what I do for a living, I better be good at it :)
|
hi chort,
i just tested mine and its output is like this: Code:
and also when i check the maillog it only displays info on connect and disconnect from the remote host i am using, no sending of mail has taken place. thanks |
hi, i have just tested my mail server using the MAPS TSI advice
by telnet into relay-test.mail-abuse.org, and the results are my server is not an open relay :) Code:
however sometimes my mailserver can get a bit weird, like sending out mail to addresses i don't even know :(, however most of the time it got deferred but sometimes it got sent out too. for example: Code:
if so, how can i check and get rid of the script/virus?? thanks :) |
According to the first snippet you posted, you are an open relay. Try issuing the data command to see if it will actually accept your message. The first Postfix log message is just one type of relaying that was denied, probably a number of others were tried. Did you check to make sure they all got rejected?
The part about a message being deferred means it couldn't be delivered because of some type of connection failure. By the looks of it, it was spam being bounced and the responsible server didn't accept it. |
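The manual telnet test described in this thread, including the suggestion to go as far as the DATA command, can be scripted. The following is an added example, not code posted by anyone in the thread; the addresses are placeholders built on the thread's "otherdomain.tld", and the HELO name "relaytest.invalid" is an assumption.

```python
import smtplib

# Placeholder addresses (assumptions): both must belong to a domain the tested
# server does NOT host, as in the thread's "otherdomain.tld" example.
SENDER = "tester@otherdomain.tld"
RECIPIENT = "someone@otherdomain.tld"


def _refused(step, code, msg):
    """4xx is temporary (greylisting, load) and proves nothing; 5xx is a refusal."""
    verdict = "inconclusive" if 400 <= code < 500 else "denied"
    return verdict, f"{step}: {code} {msg.decode(errors='replace')}"


def relay_test(host, port=25, sender=SENDER, recipient=RECIPIENT, timeout=15):
    """Run from a host outside your own network. Returns (verdict, detail) with
    verdict in {'denied', 'open', 'inconclusive'}. No message body is sent."""
    smtp = smtplib.SMTP(local_hostname="relaytest.invalid", timeout=timeout)
    try:
        code, msg = smtp.connect(host, port)
        if code != 220:                  # a banner alone says nothing about relaying
            return "inconclusive", f"banner: {code}"
        code, msg = smtp.helo()
        if code != 250:
            return _refused("HELO", code, msg)
        code, msg = smtp.mail(sender)
        if code != 250:
            return _refused("MAIL FROM", code, msg)
        code, msg = smtp.rcpt(recipient)
        if code not in (250, 251):       # e.g. 550/554 "Relaying denied"
            return _refused("RCPT TO", code, msg)
        # RCPT was accepted: confirm with DATA, as suggested in the thread.
        code, msg = smtp.docmd("DATA")
        if code != 354:
            return _refused("DATA", code, msg)
        # Caveat: a server that rejects only after the body still shows as open.
        return "open", "354 after DATA: server takes mail for a foreign recipient"
    except (smtplib.SMTPException, OSError) as exc:
        return "inconclusive", f"connection problem: {exc}"
    finally:
        smtp.close()                     # hang up before any body is sent


if __name__ == "__main__":
    import sys
    print(relay_test(sys.argv[1]))
```

Run it from a remote host, not from the mail server or a network the server trusts, since trusted clients are normally allowed to relay.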
Oh, there may be some more stuff going on there. I'll look at it after I get some sleep.
|
wakssssssss!!!!!
dough!! it seems like mine is an open relay :( try using Code:
Connected to mail.mydomain.com. Code:
how and where can i set my mailserver into not an open relay??? help please :( but how come the one i use from MAPS TSI print out relay denied? weird :( will try to telnet to the above given add from MAPS again . advice please :( thanks |