Solved

checking for, and closing open proxies

Posted on 2004-09-28
5
139 Views
Last Modified: 2010-04-22
Hi
I run WBL (same as RH ES) with sendmail 8.12.10 and MailScanner with ClamAV, spamassassin and am 100% sure the box does not allow relaying (unless authenticated).

I would like to test my box for open proxies, and if I find any, how to block/close it.

I found a util (perl script) that runs test against any machine, but either I am not passing the correct arguments, or there simply are no open proxies, yet some of my users claim not being able to send to yahoo addresses - Yahoo says the box has either open relay or open proxy. I've followed their suggestions and checked the box against Open Relay and other spam db's, no hits...

Anyway, I want to make sure for myself, so I would appreciate links to sites that have tools as well as some examples of running the tool ( if command line tool) .
0
Comment
Question by:psimation
5 Comments
 
LVL 18

Accepted Solution

by:
liddler earned 45 total points
ID: 12169365
you don't really need a tool, you can do it manually using telnet, and so can be really sure.  Have a look at the example at http://www.secwiz.com/Default.aspx?tabid=46
and here is an on-line test http://www.abuse.net/relay.html
If abuse.net doen't think you are a relay, I would say that yahoo may be dropping your mail if your mailserver does not have both valid DNS A and PTR records.  A lot of mailserver won't accept mail from mailservers without these
0
 
LVL 17

Author Comment

by:psimation
ID: 12169407
Hi liddler

I don't want to test for open relay, I already know it is secure wrt open relay, I wan to test for open PROXIES.
0
 
LVL 18

Expert Comment

by:liddler
ID: 12169462
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 40 total points
ID: 12170074
With sendmail running on the system any proxy would have to be a rogue process that listens on a port other than 25 (sendmail "owns" that one) and sends mail out on 25. There's nothing furnished with WB that would do that, so if it were there it would have to be some rogue application added after install. The simply check for that is to get a list of all open ports (lsof -i) and compar that to what should be open.
0
 
LVL 5

Assisted Solution

by:paranoidcookie
paranoidcookie earned 40 total points
ID: 12217829
Firstly put in place some sort of firewall block off any ports that you dont need to use this will most likely solve your problem.
Test open ports http://www.auditmypc.com/freescan/scanoptions.asp

Make sure you dont have squid running ps -aux |grep squid

http://www.dnsreport.com/ has some open mail realy testing tools

You could also check for root kits chkrootkit is a useful tool http://www.chkrootkit.org/
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now