Solved

Open Relay Test

Posted on 2003-11-06
8
11,072 Views
Last Modified: 2012-08-14
I had a recent problem with my exchange 2000 server being an open relay. So I ran the abuse.net test on it after I thought it was secure. Here is what test 8 said:

Relay test 8
>>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM:<spamtest@[65.115.170.246]>
<<< 250 2.1.0 spamtest@[65.115.170.246]....Sender OK
>>> RCPT TO:<"thermite@comcast.net">
<<< 250 2.1.5 "thermite@comcast.net"@ccc-soft.com
>>> DATA
<<< 354 Start mail input; end with <CRLF>.<CRLF>
>>> (message body)
<<< 250 2.6.0  <rlytest-1068146641-14045@abuse.net> Queued mail for delivery

Does this mean its still open? There is only 50 or so items listed in the SMTP que compared to 1300 when the problem was occuring. Did I not configure something correctly? I have looked at the microsoft articles about this issue and everything looks to be setup properly. Is there something else I should check? Some kind of virus that could exploit this on the server.

Thanks,

-Glen
0
Comment
Question by:Coastalcomputer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 8

Accepted Solution

by:
JasonBigham earned 500 total points
ID: 9696621
Here is what i expect to get when trying 65.115.170.246. The 'unable to relay' is what you want to see. I x'd out my IP.

220 dc.esconline.cc Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready a
t  Thu, 6 Nov 2003 15:22:53 -0500
250 dc.esconline.cc Hello [x.xx.xxx.xx]
250 2.1.0 test@test.com....Sender OK
550 5.7.1 Unable to relay for test@test.com

0
 

Author Comment

by:Coastalcomputer
ID: 9696632
So you think it is fine now?
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9697117
i don't know about the abuse.net test, but try it yourself.

start run
telnet yourip 25
helo
mail from:test@test.com
rcpt to:test@test.com

Should reject you... if so, you are good. This is assuming that your workstation IP was not added to the authorized relay list.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 55

Expert Comment

by:andyalder
ID: 9701083
Exchange server fails abuse.net test 8, if it passes most of the others don't worry about it, http://support.microsoft.com/default.aspx?scid=kb;en-us;304897 applies.
0
 
LVL 5

Expert Comment

by:vtobusman
ID: 9703442
there is also a fre program called sam spade that will test this for you its free to download from
http://samspade.org
it also check dns and other services to make sure they are working correctly...

  Good Luck
0
 
LVL 9

Expert Comment

by:drev001
ID: 9718164
If you register an account at abuse.net you can run the test in registered mode. This way, the server is only a relay if it delivers the mail. There are a couple of tests exchange servers always fail, they're intended to test older unix servers. The document Andyalder posted explains it better.
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 9728213
Email servers can be set up to accept mail from anyone, for delivery to a specific domain (yours ) only. That appears to be the case you have described. Look at this:

250 2.1.5 "thermite@comcast.net"@ccc-soft.com

It is accepting the email, and making sure that it appends the @ccc-soft.com which I presume is your domain.

If someone tries to use your system for spamming, then it will fail as the email address being sent to will be invalid, and the email will get binned after 8 hours or so. However, this may constitute a denial of service problem as if someone thinks that they can use your server to relay, then they may send 100s of 1000s of emails to your server for delivery as they cannot see that the emails are failed to be delivered. This will use your bandwidth, and if you get an error message for each failed delivery to your sysadmin, then you'll get fed up pretty quickly!

HTH:)
0
 

Expert Comment

by:knye123
ID: 11049460
pjedmond, I believe what you just described is exactly what is happening to me.  I have verified that I am not relaying, but I get thousands of emails trying.  I believe it uses my bandwidth and slows my server.  My email virus scanning program also scans everyone.  What can be done to stop what you have suggested?
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, security is a big concern in an organization to prevent sensitive data leakage. In Outlook you can secure your Outlook items (emails, calendars, contacts and other stuff) using various techniques like by marking item as private, or you can pu…
I didn’t use eM Client for long when I decided to swap to Outlook 2016. The reason for the switch is that it started asking for payment to continue some of its services after one month.   The problems I faced when I didn’t pay were:   I was not …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question