Re: Need to Lock Down Mail Relay

Gerardo Soto Fri, 22 Jun 2001 07:55:34 -0700

Hello:

        Check this web site, they do not ask to create an account and they
really test your mail server. Be prepare for it.

http://www.orbs.org


Regards,

On Thu, 21 Jun 2001, Alvin Oga wrote:

> 
> hi lance.. et.al..
> 
> i just went to http://www.abuse.net/relay.html
>       - they wanted a login passwd etc..etc...
> 
> so wound up doing the telnet stuff as shown... by you folks
> 
> i'd like to add that  the "telnet  mail.foo.com 25"
> is the suspected open relay you are trying to test...
>       - if its open... you wanna close it as its admin
>       - if its open... as a spammer...you're a bad boy
>       - its open if you dont get "relay denied"
> 
> Another good url to use besides the abuse.net site...
> 
>       http://www.paladincorp.com.au/unix/spam/spamlart/
> 
> Anyway... I've collected a few more urls for online open relay testing
> 
> http://www.linux-sec.net/audit_tools.gwif.html#Relay
> 
> have fun
> alvin
> http://www.Linux-Sec.net
> 
> On Thu, 21 Jun 2001, Lance Ecklesdafer wrote:
> 
> > What I try to do is connect to the server on port 25 and go through this
> > process.
> > (1) HELO INTRUDER.COM
> > <The server responds>
> > (2) MAIL FROM:[EMAIL PROTECTED]
> > <The server responds>
> > (3)RCPT TO: [EMAIL PROTECTED]
> > <The server will give you an error if it will not accept relays. If it
> > accepts mail for a domain other than the domain it is servicing, then it is
> > open for a relay attack.>
> > If you want to continue your message then you can enter:
> > (4)DATA
> > <the server will tell you to enter data with only a "." on the last line>
> > (5)RSET
> > (6)QUIT
> > 
> > That is basically what I do. Does anyone else have anything to add?
> > 
> > Lance
> > 
> > 
> > ----- Original Message -----
> > From: "Gary Rose" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Thursday, June 21, 2001 10:55 AM
> > Subject: Need to Lock Down Mail Relay
> > 
> > 
> > > What is the easiest way to test if a mail server has mail relay enabled
> > > other than pointing your email client at it? Can you telnet to port 25 and
> > > use SMTP commands? If so, what is the process?
> > >
> > >
> > > Thanks.
> > >
> > >
> > > -G
> > >
> > > _______________________________________________
> > > Firewalls mailing list
> > > [EMAIL PROTECTED]
> > > http://lists.gnac.net/mailman/listinfo/firewalls
> > 
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> > 
> 
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
> 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
Re: Need to Lock Down Mail Relay

Reply via email to
