Or you can test it at: http://www.abuse.net/relay.html
You will need to create an account so that you don't abuse the service.
IMHO, it is worth it, especially if you have a lot of machines to test. You
should also do more than the test mouss suggests. We will up to 25 tests to
see if a box is really an open relay because it might relay on an odd
address. An example is:
Test 5
>>>RSET
<<< 250 command processed OK
>>> MAIL FROM:<[EMAIL PROTECTED]>
<<< 250 Sender OK - send RCPTs.
>>> RCPT TO:<user%more.net@[host IP address]>
-----Original Message-----
From: mouss [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 21, 2001 11:45 AM
To: Gary Rose; [EMAIL PROTECTED]
Subject: Re: Need to Lock Down Mail Relay
At 07:55 21/06/01 -0700, Gary Rose wrote:
>What is the easiest way to test if a mail server has mail relay enabled
>other than pointing your email client at it? Can you telnet to port 25 and
>use SMTP commands? If so, what is the process?
# telnet 1.2.3.4 25
EHLO badaboom
MAIL FROM: <[EMAIL PROTECTED]>
RCPT TO: <[EMAIL PROTECTED]>
QUIT
Notes:
- The server may check the arg of EHLO (badaboom), so you should put your
client hostname.
- bad.domain should be a domain for which relay is denied. You should get a
denial message.
- you must connect from a client which has no special privileges (same for
the from addr).
cheers,
mouss
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
