In article <006d01bf5579$81bfd5e0$[EMAIL PROTECTED]> you write:
>There are a variety of sites on the internet that will perform such a relay
>probe for you. It's important to consider the possibility that the probe
>script at some of these sites may not be perfect and the dialog echoed back
>to your browser (or telnet session) may not be complete.
Yup. Roadrunner's running a modified version of the script I wrote
for the MAPS RSS and the abuse.net tester. It's spoofed by qmail,
since some of the relay tests are accepted by the SMTP daemon and
bounced later, only the tester can't tell that at SMTP time. My
script is full of warnings like "the system MAY or MAY NOT be an open
relay, depending on whether it mails the message back to you or
bounces it." But people ignore the warnings and panic. Sigh.
When I have a chance, I plan to make it look at at the SMTP banner,
and if it recognizes a particular MTA, reorder the tests to put the
most useful ones first and warn about the ones that may be spoofed.
>> >>> MAIL FROM:<openrelaytest@[24.131.161.83]>
>> <<< 250 ok
>> >>> RCPT TO:<[EMAIL PROTECTED]@[24.131.161.83]>
>> <<< 250 ok
>> >>> DATA
>> <<< 354 go ahead
>> >>> (message body)
>> <<< 250 ok 945363799 qp 29925
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl,
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
