Solved

Stop positive relay tests on IIS 6 SMTP

Posted on 2008-10-28
4
288 Views
Last Modified: 2013-11-30
We've been having some delivery issues, so I decided to test our gateway server for its reputation and relaying. This server runs IIS 6 SMTP virtual server and Sophos Puremessage. Using the tests at http://www.abuse.net/relay.html, the server passes all until test 8, which returns:

Relay test 8
>>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM:<spamtest@[XXX.XXX.XXX.XXX]>
<<< 250 2.1.0 spamtest@[XXX.XXX.XXX.XXX]....Sender OK
>>> RCPT TO:<"securitytest@abuse.net">
<<< 250 2.1.5 "securitytest@abuse.net"@mailgateway.ourdomain.edu

Relay test result
Hmmn, at first glance, host appeared to accept a message for relay.

(Where XXX.XXX.XXX.XXX is the IP address of our gateway server and mailgateway.ourdomain.edu is the FQDN of the server running IIS and Puremessage.

How do I configure the server to pass this test? Does this test really matter when it passes the others? The mail is of a form that could not be delivered since the gateway only relays mail to our internal Exchange server (so far as I can see).
0
Comment
Question by:cblake031699
  • 3
4 Comments
 
LVL 37

Expert Comment

by:meverest
ID: 22838816
Hi,

that is not necessarily a relay fail result.  it is only a fail result IF the message is actually delivered to the intended relay destination.

i honestly do /not/ expect that IIS smtp service will deliver that mail.

cheers.
 
0
 

Author Comment

by:cblake031699
ID: 22846033
That's my feeling, too. But I want to be sure that spammers are not going to detect the server as an open relay and throw junk at it, and that the server will not fail tests from other ISPs and be blacklisted. Perhaps I'm being paranoid!
0
 
LVL 37

Accepted Solution

by:
meverest earned 500 total points
ID: 22846720
Hi,

that is a reasonable concern, but not something you can effectively prevent.  this is why IIS smtp server is not really a good solution for an inbound mail gateway.

even a server that rejects mail just based on the smtp envelope is not immune to idiot spammers throwing junk at it, especially because most spam these days is generated via zombie-botnet sources.  And since that uses someone else's cpu and bandwidth, thus no spamking really cares to make the process more efficient.

Cheers.
0
 
LVL 37

Expert Comment

by:meverest
ID: 22846736
also, no spamtest should add you to a blacklist just for accepting mail - only if it is actually delivered.

Cheers.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now