Results 1 to 4 of 4
  1. #1
    Join Date
    Oct 2003

    How-To: Test Your Mail Servers Relay

    An "open relay" is a server that allows third-parties (non-customers) to send mail to other third-parties. In other words, an open relay mail server processes a mail message where neither the sender nor the recipient is a local user.

    There are several techniques that spammers use to get other's mail servers to send their mail. (The spammer's goal is to be able to send to the outside -- not just to the local accounts.) The following are some of the techniques used to try to get a mail server to relay mail. (Some other techniques include abusing form-to-mail CGIs on webservers.)

    First off I will be using telnet to connect to the mail server. Open a new shell on your local machine or if your on windows run>"cmd"

    Here is a basic session:

    >[email protected]:~> telnet 25
    Trying xxx.xx.xx.xx...
    Connected to
    Escape character is '^]'.
    220 ESMTP
    >mail from: [email protected]
    250 ok
    >rcpt to: [email protected]
    553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
    >rcpt to: [email protected]
    250 ok
    354 go ahead
    >This is a test email via telnet session' Hi'
    250 ok 1080286547 qp 31615
    250 flushed
    Connection closed by foreign host.
    [email protected]:~>

    OK so that's pretty simple right.
    NOTE: I added ">" to every line I typed.

    More commands HERE

  2. #2
    Join Date
    May 2004
    Tucson, Arizona
    how do you check a port blocked by your isp? I'm on and I cant even see if my smtp server is working because of port 25 being blocked totaly.
    Plain Fast Small Business Web Hosting & Server Management

  3. Thumbs down Ah, the early years...

    Like you, I used to think that if I knew how to do all this "self-checking", then I could prevent spammers from using my servers for their own purposes. Trust me, I know probably every trick in the book and personally have a black belt in exercising telnet like you've done.

    I formerly maintained a well-managed and configured email box and was satisfied that I did all the diligence required to keep it from being an open relay. I did all the tests that were available, not only the one you indicated but the more advanced ones using the percent sign and address "parsing hacks". Nonetheless, somebody with very advanced spamming software still relayed spam through my email server. It's IP address got blacklisted and that's that. Once blacklisted you will find that you're not going to get off that list. All the litmus tests that prove you're not an open relay won't change the fact that you (somehow) were an open relay. Period.

    I would strongly suggest outsourcing your email relaying and mailboxes to somebody else. It's not really worth the effort and expense.

  4. #4
    Hi RegisteringBytes,

    Where can I outsource the email relaying and mailboxes? Is there a company can do that?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts