Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 11228
  • Last Modified:

Open Relay Test

I had a recent problem with my exchange 2000 server being an open relay. So I ran the abuse.net test on it after I thought it was secure. Here is what test 8 said:

Relay test 8
>>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM:<spamtest@[65.115.170.246]>
<<< 250 2.1.0 spamtest@[65.115.170.246]....Sender OK
>>> RCPT TO:<"thermite@comcast.net">
<<< 250 2.1.5 "thermite@comcast.net"@ccc-soft.com
>>> DATA
<<< 354 Start mail input; end with <CRLF>.<CRLF>
>>> (message body)
<<< 250 2.6.0  <rlytest-1068146641-14045@abuse.net> Queued mail for delivery

Does this mean its still open? There is only 50 or so items listed in the SMTP que compared to 1300 when the problem was occuring. Did I not configure something correctly? I have looked at the microsoft articles about this issue and everything looks to be setup properly. Is there something else I should check? Some kind of virus that could exploit this on the server.

Thanks,

-Glen
0
Coastalcomputer
Asked:
Coastalcomputer
1 Solution
 
JasonBighamCommented:
Here is what i expect to get when trying 65.115.170.246. The 'unable to relay' is what you want to see. I x'd out my IP.

220 dc.esconline.cc Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready a
t  Thu, 6 Nov 2003 15:22:53 -0500
250 dc.esconline.cc Hello [x.xx.xxx.xx]
250 2.1.0 test@test.com....Sender OK
550 5.7.1 Unable to relay for test@test.com

0
 
CoastalcomputerAuthor Commented:
So you think it is fine now?
0
 
JasonBighamCommented:
i don't know about the abuse.net test, but try it yourself.

start run
telnet yourip 25
helo
mail from:test@test.com
rcpt to:test@test.com

Should reject you... if so, you are good. This is assuming that your workstation IP was not added to the authorized relay list.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
andyalderSaggar makers bottom knockerCommented:
Exchange server fails abuse.net test 8, if it passes most of the others don't worry about it, http://support.microsoft.com/default.aspx?scid=kb;en-us;304897 applies.
0
 
vtobusmanCommented:
there is also a fre program called sam spade that will test this for you its free to download from
http://samspade.org
it also check dns and other services to make sure they are working correctly...

  Good Luck
0
 
drev001Commented:
If you register an account at abuse.net you can run the test in registered mode. This way, the server is only a relay if it delivers the mail. There are a couple of tests exchange servers always fail, they're intended to test older unix servers. The document Andyalder posted explains it better.
0
 
pjedmondCommented:
Email servers can be set up to accept mail from anyone, for delivery to a specific domain (yours ) only. That appears to be the case you have described. Look at this:

250 2.1.5 "thermite@comcast.net"@ccc-soft.com

It is accepting the email, and making sure that it appends the @ccc-soft.com which I presume is your domain.

If someone tries to use your system for spamming, then it will fail as the email address being sent to will be invalid, and the email will get binned after 8 hours or so. However, this may constitute a denial of service problem as if someone thinks that they can use your server to relay, then they may send 100s of 1000s of emails to your server for delivery as they cannot see that the emails are failed to be delivered. This will use your bandwidth, and if you get an error message for each failed delivery to your sysadmin, then you'll get fed up pretty quickly!

HTH:)
0
 
knye123Commented:
pjedmond, I believe what you just described is exactly what is happening to me.  I have verified that I am not relaying, but I get thousands of emails trying.  I believe it uses my bandwidth and slows my server.  My email virus scanning program also scans everyone.  What can be done to stop what you have suggested?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now