Differences

This shows you the differences between two versions of the page.

--- email:test_open_relay [2016/07/04 23:04] – created peter
+++ email:test_open_relay [2019/11/27 22:14] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== Email - Test Open Relay ======
-An outside individual who uses your mail server to deliver email using a false email address is considered relaying mail via your server.  A mail server that allows relaying is usually considered to be setup incorrectly and is frequently abused by spammers.  These spammers find and use unsecured mail servers to send out unsolicited commercial email.
-Tracking down a spammer who uses mail servers open to relaying is difficult.  This is because the email appears to be coming from your server, rather than from the original sender.  Such spam being delivered by your mail server can give your company a bad reputation.
-===== Email Relay Test =====
-How do you check your server for relaying?  Easy, just use a computer outside of your organization and type the commands included in the tables below – you’ll want to do this from a command prompt.
-In the following examples, mail.example.com is the mail server you are checking, sender@example.com is a valid email account at mail.example.com (or a fake email address – try both), and youremail@outsideaddress.com is the email account you want this message to go to.
-===== An example of a mail server that does NOT allow relaying =====
-You type this text:
-<code bash>
-telnet mail.example.com 25
-</code>
-The server should respond with:
-<code bash>
-Trying 10.10.10.1.
-Connected to mail.example.com.
-Escape character is ‘^]’.
-mail.example.com
-</code>
-You should type:
-<code bash>
-HELO mail.example
-</code>
-The server should respond with:
-<code>
-OK
-</code>
-You should enter:
-<code bash>
-MAIL FROM:<sender@example.com>
-</code>
-The server should respond with:
-<code bash>
-OK – Mail from <sender@example.com>
-</code>
-You should enter:
-<code bash>
-RCPT TO:<youremail@outsideaddress.com>
-</code>
-The server should respond with:
-<code bash>
-Relaying is prohibited
-</code>
-You should enter:
-<code bash>
-QUIT
-</code>
-The server should reply with:
-<code bash>
-Closing connect, good bye
-</code>
-===== An example of a mail server that DOES allow relaying =====
-You type this text:
-<code bash>
-telnet mail.example.com 25
-</code>
-Server should respond with:
-<code bash>
-Trying 10.10.10.1.
-Connected to mail.example.com.
-Escape character is ‘^]’.
-mail.example.com
-</code>
-You should enter:
-<code bash>
-HELO mail.example
-</code>
-The server should respond with:
-<code bash>
-OK
-</code>
-You should enter:
-<code bash>
-MAIL FROM:<sender@example.com>
-</code>
-The server should respond with:
-<code bash>
-OK – Mail from <sender@example.com>
-</code>
-You should enter:
-<code bash>
-RCPT TO:<youremail@outsideaddress.com>
-</code>
-The server should respond with:
-<code bash>
-OK
-</code>
-You should enter:
-<code bash>
-DATA
-</code>
-The server should respond with:
-<code bash>
-End data with <CR><LF><CR><LF>
-</code>
-You should enter:
-<code bash>
-From: sender@example.com
-To: youremail@outsideaddress.com
-Subject: Relay test
-This is a relay test and only a test.
-(type  <CR><LF>.<CR><LF> or [enter].[enter] to end data)
-</code>
-The server should respond:
-<code bash>
-OK: Queued as T22122A5
-</code>
-You should enter:
-<code bash>
-QUIT
-</code>
-The server should respond:
-<code bash>
-Closing connect, good bye
-</code>
-===== Preventing message relaying with MS Exchange =====
-Before you start, check which version you are running – you must be running Microsoft Exchange Server 5.5 or greater, then follow these 7 steps.
-  - Go to the Internet Mail Service Properties dialog box in Microsoft Exchange
-  - Select the Routing tab at the top.
-  - Select the option Reroute incoming SMTP mail (required for POP3/IMAP4 support).
-  - Reroute incoming SMTP mail.
-  - For each domain you host, you need an entry in the Routing section.
-  - Click the Routing Restrictions button.
-  - Make sure Hosts and clients with these IP addresses is checked. Leave the list of IP addresses blank.