Results 1 to 3 of 3
  1. #1
    Join Date
    Nov 2005
    Location
    Harrisburg, PA
    Posts
    776

    SMTP under Exim -- sort of open?

    I really hope I'm just going batty with sleep deprivation, because this is making no sense to me. Before I clobber my poor provider with management requests, I want to see if this is typical behavior or not. I am able to send messages through my SMTP server from my laptop without using any authentication at all. It doesn't matter whether I'm using a client (tested Mail.app and Mozilla Thunderbird) or whether I'm going in via telnet. A typical session might look like this (addresses obfuscated):

    Code:
    asdfasdfasdf:~ ###$ telnet mail.fakedomainname.com 25
    Trying ##.##.##.## ...
    Connected to mail.fakedomainname.com.
    Escape character is '^]'.
    220 fakedomainname.com ESMTP Exim 4.67 Wed, 30 Jan 2008 00:56:03 -0800
    HELO [192.168.2.1]
    250 fakedomainname.com Hello reverse.verizon.net [##.##.##.##]
    MAIL FROM:<[email protected]>
    250 OK
    RCPT TO:<[email protected]>
    250 Accepted
    DATA
    354 Enter message, ending with "." on a line by itself
    This should not work
    .
    250 OK id=1JK8kZ-0004Xx-7O
    quit
    221 fakedomainname.com closing connection
    Connection closed by foreign host.
    asdfasdfasdf:~ username$
    I was expecting to see a "550 authentication required" message after it saw that "RCPT TO" wasn't a locally-hosted domain. I did confirm that the message was properly delivered to the intended Gmail address. So far, it looks like an open relay. But when I use a third-party environment, such as the open relay checker at abuse.net, I am correctly seeing "550" messages at the appropriate places.

    In other words, when anyone else does it, they get "550". When it do it from my laptop (from any client or telnet session), I'm clear to send. Just to add a little zest to the situation, when I did this same test 36 hours ago, I *was* getting "550" errors.

    This doesn't seem right to me. However, my mail admin skill level is approximately zero, so I'm willing to accept that this is normal behavior and that I am overlooking the obvious. Anyone care to throw me a hint?

  2. #2
    Have you ruled out the possibility of "POP before SMTP" authentication happening here?

  3. #3
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    # telnet mail.floor-9.com 25
    220 floor-9.com ESMTP Exim 4.67 Thu, 31 Jan 2008 05:19:40 -0800
    helo [192.168.2.1]
    250 floor-9.com Hello booya.hah.cx [208.100.3.209]
    mail from: <[email protected]>
    250 OK
    rcpt to:<[email protected]>
    550 authentication required
    quit
    221 floor-9.com closing connection

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •