I really hope I'm just going batty with sleep deprivation, because this is making no sense to me. Before I clobber my poor provider with management requests, I want to see if this is typical behavior or not. I am able to send messages through my SMTP server from my laptop without using any authentication at all. It doesn't matter whether I'm using a client (tested Mail.app and Mozilla Thunderbird) or whether I'm going in via telnet. A typical session might look like this (addresses obfuscated):
asdfasdfasdf:~ ###$ telnet mail.fakedomainname.com 25
Trying ##.##.##.## ...
Connected to mail.fakedomainname.com.
Escape character is '^]'.
220 fakedomainname.com ESMTP Exim 4.67 Wed, 30 Jan 2008 00:56:03 -0800
250 fakedomainname.com Hello reverse.verizon.net [##.##.##.##]
MAIL FROM:<[email protected]>
RCPT TO:<[email protected]>
354 Enter message, ending with "." on a line by itself
This should not work
250 OK id=1JK8kZ-0004Xx-7O
221 fakedomainname.com closing connection
Connection closed by foreign host.
I was expecting to see a "550 authentication required" message after it saw that "RCPT TO" wasn't a locally-hosted domain. I did confirm that the message was properly delivered to the intended Gmail address. So far, it looks like an open relay. But when I use a third-party environment, such as the open relay checker at abuse.net, I am correctly seeing "550" messages at the appropriate places.
In other words, when anyone else does it, they get "550". When it do it from my laptop (from any client or telnet session), I'm clear to send. Just to add a little zest to the situation, when I did this same test 36 hours ago, I *was* getting "550" errors.
This doesn't seem right to me. However, my mail admin skill level is approximately zero, so I'm willing to accept that this is normal behavior and that I am overlooking the obvious. Anyone care to throw me a hint?