Solved

Open Relay Test

Posted on 2003-11-06
8
10,946 Views
Last Modified: 2012-08-14
I had a recent problem with my exchange 2000 server being an open relay. So I ran the abuse.net test on it after I thought it was secure. Here is what test 8 said:

Relay test 8
>>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM:<spamtest@[65.115.170.246]>
<<< 250 2.1.0 spamtest@[65.115.170.246]....Sender OK
>>> RCPT TO:<"thermite@comcast.net">
<<< 250 2.1.5 "thermite@comcast.net"@ccc-soft.com
>>> DATA
<<< 354 Start mail input; end with <CRLF>.<CRLF>
>>> (message body)
<<< 250 2.6.0  <rlytest-1068146641-14045@abuse.net> Queued mail for delivery

Does this mean its still open? There is only 50 or so items listed in the SMTP que compared to 1300 when the problem was occuring. Did I not configure something correctly? I have looked at the microsoft articles about this issue and everything looks to be setup properly. Is there something else I should check? Some kind of virus that could exploit this on the server.

Thanks,

-Glen
0
Comment
Question by:Coastalcomputer
8 Comments
 
LVL 8

Accepted Solution

by:
JasonBigham earned 500 total points
ID: 9696621
Here is what i expect to get when trying 65.115.170.246. The 'unable to relay' is what you want to see. I x'd out my IP.

220 dc.esconline.cc Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready a
t  Thu, 6 Nov 2003 15:22:53 -0500
250 dc.esconline.cc Hello [x.xx.xxx.xx]
250 2.1.0 test@test.com....Sender OK
550 5.7.1 Unable to relay for test@test.com

0
 

Author Comment

by:Coastalcomputer
ID: 9696632
So you think it is fine now?
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9697117
i don't know about the abuse.net test, but try it yourself.

start run
telnet yourip 25
helo
mail from:test@test.com
rcpt to:test@test.com

Should reject you... if so, you are good. This is assuming that your workstation IP was not added to the authorized relay list.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 55

Expert Comment

by:andyalder
ID: 9701083
Exchange server fails abuse.net test 8, if it passes most of the others don't worry about it, http://support.microsoft.com/default.aspx?scid=kb;en-us;304897 applies.
0
 
LVL 5

Expert Comment

by:vtobusman
ID: 9703442
there is also a fre program called sam spade that will test this for you its free to download from
http://samspade.org
it also check dns and other services to make sure they are working correctly...

  Good Luck
0
 
LVL 9

Expert Comment

by:drev001
ID: 9718164
If you register an account at abuse.net you can run the test in registered mode. This way, the server is only a relay if it delivers the mail. There are a couple of tests exchange servers always fail, they're intended to test older unix servers. The document Andyalder posted explains it better.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 9728213
Email servers can be set up to accept mail from anyone, for delivery to a specific domain (yours ) only. That appears to be the case you have described. Look at this:

250 2.1.5 "thermite@comcast.net"@ccc-soft.com

It is accepting the email, and making sure that it appends the @ccc-soft.com which I presume is your domain.

If someone tries to use your system for spamming, then it will fail as the email address being sent to will be invalid, and the email will get binned after 8 hours or so. However, this may constitute a denial of service problem as if someone thinks that they can use your server to relay, then they may send 100s of 1000s of emails to your server for delivery as they cannot see that the emails are failed to be delivered. This will use your bandwidth, and if you get an error message for each failed delivery to your sysadmin, then you'll get fed up pretty quickly!

HTH:)
0
 

Expert Comment

by:knye123
ID: 11049460
pjedmond, I believe what you just described is exactly what is happening to me.  I have verified that I am not relaying, but I get thousands of emails trying.  I believe it uses my bandwidth and slows my server.  My email virus scanning program also scans everyone.  What can be done to stop what you have suggested?
0

Featured Post

ScreenConnect 6.0 Free Trial

Check out the updates in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI that improves session organization and overall user experience. See the enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Google Apps Business Email limits 3 27
PowerShell Script failing 3 52
Send Receive script 6 75
Opera UI gone nuts 4 59
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
The purpose of this video is to demonstrate how to set up a Mailchimp Template which will let the user create a uniform look for all of their campaigns. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mail…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question