Solved

Open Relay Test

Posted on 2003-11-06
8
11,115 Views
Last Modified: 2012-08-14
I had a recent problem with my exchange 2000 server being an open relay. So I ran the abuse.net test on it after I thought it was secure. Here is what test 8 said:

Relay test 8
>>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM:<spamtest@[65.115.170.246]>
<<< 250 2.1.0 spamtest@[65.115.170.246]....Sender OK
>>> RCPT TO:<"thermite@comcast.net">
<<< 250 2.1.5 "thermite@comcast.net"@ccc-soft.com
>>> DATA
<<< 354 Start mail input; end with <CRLF>.<CRLF>
>>> (message body)
<<< 250 2.6.0  <rlytest-1068146641-14045@abuse.net> Queued mail for delivery

Does this mean its still open? There is only 50 or so items listed in the SMTP que compared to 1300 when the problem was occuring. Did I not configure something correctly? I have looked at the microsoft articles about this issue and everything looks to be setup properly. Is there something else I should check? Some kind of virus that could exploit this on the server.

Thanks,

-Glen
0
Comment
Question by:Coastalcomputer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 8

Accepted Solution

by:
JasonBigham earned 500 total points
ID: 9696621
Here is what i expect to get when trying 65.115.170.246. The 'unable to relay' is what you want to see. I x'd out my IP.

220 dc.esconline.cc Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready a
t  Thu, 6 Nov 2003 15:22:53 -0500
250 dc.esconline.cc Hello [x.xx.xxx.xx]
250 2.1.0 test@test.com....Sender OK
550 5.7.1 Unable to relay for test@test.com

0
 

Author Comment

by:Coastalcomputer
ID: 9696632
So you think it is fine now?
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9697117
i don't know about the abuse.net test, but try it yourself.

start run
telnet yourip 25
helo
mail from:test@test.com
rcpt to:test@test.com

Should reject you... if so, you are good. This is assuming that your workstation IP was not added to the authorized relay list.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 56

Expert Comment

by:andyalder
ID: 9701083
Exchange server fails abuse.net test 8, if it passes most of the others don't worry about it, http://support.microsoft.com/default.aspx?scid=kb;en-us;304897 applies.
0
 
LVL 5

Expert Comment

by:vtobusman
ID: 9703442
there is also a fre program called sam spade that will test this for you its free to download from
http://samspade.org
it also check dns and other services to make sure they are working correctly...

  Good Luck
0
 
LVL 9

Expert Comment

by:drev001
ID: 9718164
If you register an account at abuse.net you can run the test in registered mode. This way, the server is only a relay if it delivers the mail. There are a couple of tests exchange servers always fail, they're intended to test older unix servers. The document Andyalder posted explains it better.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 9728213
Email servers can be set up to accept mail from anyone, for delivery to a specific domain (yours ) only. That appears to be the case you have described. Look at this:

250 2.1.5 "thermite@comcast.net"@ccc-soft.com

It is accepting the email, and making sure that it appends the @ccc-soft.com which I presume is your domain.

If someone tries to use your system for spamming, then it will fail as the email address being sent to will be invalid, and the email will get binned after 8 hours or so. However, this may constitute a denial of service problem as if someone thinks that they can use your server to relay, then they may send 100s of 1000s of emails to your server for delivery as they cannot see that the emails are failed to be delivered. This will use your bandwidth, and if you get an error message for each failed delivery to your sysadmin, then you'll get fed up pretty quickly!

HTH:)
0
 

Expert Comment

by:knye123
ID: 11049460
pjedmond, I believe what you just described is exactly what is happening to me.  I have verified that I am not relaying, but I get thousands of emails trying.  I believe it uses my bandwidth and slows my server.  My email virus scanning program also scans everyone.  What can be done to stop what you have suggested?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Pegasus Mail (http://www.pmail.com/) is a donation ware that is a collaboration of David Harris along with his team members. It is a desktop mail client that offers the option of configuring more than one mail account with single set up. It supports…
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question