Re: Open Relay Testing

2003-07-03 Thread Thomas Kirk
On Wed, Jul 02, 2003 at 09:12:38AM -0400, Gene Grimm wrote:

> What is the best method of testing mail servers to determine if they are
> susceptible to being exploited as an open relay? We have several mail
> servers that I want to verify are "secured". Also, I have been having
> problems with sending mail, specifically to AOL users, through my Zoom
> Internet account at home. I'm not entirely sure I believe Zoom when they say
> that their systems are not open relays. Plus I am considering configuring a
> "relay MTA" on my home Debian box to route all of my outgoing mail through
> our own office mail servers. Are there any HOWTO's describing ways of
> creating a secure relay channel between remote MTA's?

http://www.ordb.org 

The software they use for testing open relays is pretty advanced.

-- 
Venlig hilsen/Kind regards
Thomas Kirk
ARKENA
tlf/phone +4570233456
thomas(at)arkena(dot)com
Http://www.arkena.com


"You tried your best and you failed miserably. The lesson is 'never
try'." -- Homer Simpson




Re: Open Relay Testing

2003-07-03 Thread Teun Vink

- Original Message - 
From: "Gene Grimm" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, July 02, 2003 3:12 PM
Subject: Open Relay Testing


> What is the best method of testing mail servers to determine if they are
> susceptible to being exploited as an open relay? We have several mail
> servers that I want to verify are "secured". Also, I have been having
> problems with sending mail, specifically to AOL users, through my Zoom
> Internet account at home. I'm not entirely sure I believe Zoom when they say
> that their systems are not open relays. Plus I am considering configuring a
> "relay MTA" on my home Debian box to route all of my outgoing mail through
> our own office mail servers. Are there any HOWTO's describing ways of
> creating a secure relay channel between remote MTA's?

http://www.abuse.net/relay.html


Teun




Re: Open Relay Testing

2003-07-02 Thread brian moore
On Wed, Jul 02, 2003 at 09:12:38AM -0400, Gene Grimm wrote:
> What is the best method of testing mail servers to determine if they are
> susceptible to being exploited as an open relay? We have several mail
> servers that I want to verify are "secured". Also, I have been having
> problems with sending mail, specifically to AOL users, through my Zoom
> Internet account at home. I'm not entirely sure I believe Zoom when they say
> that their systems are not open relays. Plus I am considering configuring a
> "relay MTA" on my home Debian box to route all of my outgoing mail through
> our own office mail servers. Are there any HOWTO's describing ways of
> creating a secure relay channel between remote MTA's?

AOL tends to silently discard 'suspect' mail.  This is normal.

To check for an open proxy, telnet, from the machine to be tested, to
rt.njabl.org port 2500 (i.e., 'telnet rt.njabl.org 2500').

They will connect back to that IP and attempt to relay mail.  If they
succeed, that machine will be placed on the NJABL (though you can also
remove yourself when the machine is secured).

-- 
  | Life is a lot like a Freak Show
brian moore <[EMAIL PROTECTED]> | Nobody laughs when they leave.
  |-- the residents
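
[Added example, not part of any poster's message.] The SMTP exchange a relay tester performs, reduced to a Python self-check that an administrator can point at their own server from a host outside its trusted networks. The host names, addresses, HELO name and the ScriptedMTA stand-in are constructed for illustration.

```python
import smtplib

def classify_rcpt(code):
    """Verdict for the reply to RCPT TO naming a recipient in a foreign domain."""
    if 200 <= code < 300:
        return "accepted"    # server agreed to relay: treat as open until disproved
    if 400 <= code < 500:
        return "deferred"    # temporary failure (e.g. greylisting): retry later
    return "rejected"        # 5xx such as "Relay access denied": relay is closed

def probe_relay(host, sender, recipient, port=25, smtp_factory=smtplib.SMTP):
    """HELO, MAIL FROM, RCPT TO, then RSET. Stops before DATA, so no mail is sent."""
    with smtp_factory(host, port, timeout=15) as smtp:
        smtp.helo("relaytest.example")          # assumed HELO name
        code, _ = smtp.mail(sender)
        if code >= 400:
            return "sender-refused"
        code, _ = smtp.rcpt(recipient)
        smtp.rset()
        return classify_rcpt(code)

class ScriptedMTA:
    """Constructed stand-in for smtplib.SMTP so the logic can be checked offline."""
    def __init__(self, rcpt_reply):
        self.rcpt_reply = rcpt_reply
    def __call__(self, host, port, timeout=None):
        return self
    def __enter__(self):
        return self
    def __exit__(self, *exc):
        return False
    def helo(self, name):
        return (250, b"mail.example.org")
    def mail(self, sender):
        return (250, b"Ok")
    def rcpt(self, recipient):
        return self.rcpt_reply
    def rset(self):
        return (250, b"Ok")

# Constructed replies: a closed Postfix-style server and a misconfigured one.
CLOSED = ScriptedMTA((554, b"5.7.1 <probe@example.net>: Relay access denied"))
OPEN = ScriptedMTA((250, b"2.1.5 Ok"))

def demo():
    args = ("mail.example.org", "probe@example.com", "probe@example.net")
    return [probe_relay(*args, smtp_factory=m) for m in (CLOSED, OPEN)]

if __name__ == "__main__":
    print(demo())   # against a real server: probe_relay("your.mta", sender, rcpt)
```

Run it from an address the server does not already trust (for Postfix, one outside `mynetworks`), since relaying for trusted clients is expected. A 250 at RCPT TO marks a candidate only; some servers accept the recipient and refuse or discard the message later.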




Re: Open Relay Testing

2003-07-02 Thread Jesse Molina
As for where to get a check done, I recommend that you google for "mail 
relay check".  There used to be some better relay checkers out there, 
but legal issues and other foolishness made them shut down.

Securing a relay configuration is up to you and the MTA that you use. 
Different servers offer different options.  I would tell you to refer to 
your MTA documentation.  Securing the server itself is one thing, and 
securing the transport (if you care about that) is another.

You might want to make sure that your ISP has their mail servers reverse 
DNS set up.  Some BOFH admins (AOL) like to block mail that comes from 
servers without a reverse DNS entry that matches the forward entry.

Doing reverse lookups is a good idea, but bad in practice because so 
many ISPs don't even offer reverse DNS delegation, not to mention 
virtual servers.

My ISP is stupid and won't do reverse DNS delegation.  That's Orlando 
Telephone Company of Orlando Florida, owned by CEO Herb Bornack, 
http://www.orlandotelco.com/.  They run finger and http on many of their 
routers too.  =)

Use dig or nslookup to find out the MX, A, and PTR DNS records of your
mail servers.


Gene Grimm wrote:
> What is the best method of testing mail servers to determine if they are
> susceptible to being exploited as an open relay? We have several mail
> servers that I want to verify are "secured". Also, I have been having
> problems with sending mail, specifically to AOL users, through my Zoom
> Internet account at home. I'm not entirely sure I believe Zoom when they say
> that their systems are not open relays. Plus I am considering configuring a
> "relay MTA" on my home Debian box to route all of my outgoing mail through
> our own office mail servers. Are there any HOWTO's describing ways of
> creating a secure relay channel between remote MTA's?

--
# Jesse Molina
# Mail = [EMAIL PROTECTED]
# Page = [EMAIL PROTECTED]
# Cell = 1.407.970.0280
# Web  = http://www.opendreams.net/jesse/
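
[Added example, not part of any poster's message.] The "reverse DNS entry that matches the forward entry" test mentioned above, written as a Python check that does what `dig -x` followed by an A lookup does by hand. The zone data, addresses and host names are constructed; the `check` helper and its lookup tables exist only so the logic runs offline.

```python
import socket

def ptr_names(ip):
    """PTR lookup: host names the reverse zone gives for this address."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:            # herror/gaierror: no reverse entry
        return []

def forward_addrs(name):
    """A/AAAA lookup: addresses the forward zone gives for this name."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def fcrdns(ip, ptr=ptr_names, fwd=forward_addrs):
    """Return (verdict, name): 'match', 'mismatch' or 'no-ptr'."""
    names = ptr(ip)
    if not names:
        return ("no-ptr", None)
    for name in names:
        if ip in fwd(name):    # the PTR name must resolve back to the same IP
            return ("match", name)
    return ("mismatch", names[0])

# Constructed zone data (documentation addresses, example names).
PTR = {"192.0.2.10": ["mail.example.org"],
       "192.0.2.20": ["cable-20.isp.example"]}
FWD = {"mail.example.org": {"192.0.2.10"},
       "cable-20.isp.example": {"198.51.100.20"}}

def check(ip):
    """Run fcrdns against the constructed tables instead of live DNS."""
    return fcrdns(ip, ptr=lambda a: PTR.get(a, []), fwd=lambda n: FWD.get(n, set()))

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(ip, check(ip))
```

Calling `fcrdns("<your server's IP>")` with the default resolvers performs the same check against live DNS.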




Re: Open Relay Testing

2003-07-02 Thread Tabe Kooistra
On Wed, Jul 02, 2003 at 04:28:37PM -0400, Gene Grimm wrote:
> From: "Jesse Molina" <[EMAIL PROTECTED]>
> > ...Securing a relay configuration is up to you and the MTA that you use.
> > Different servers offer different options.  I would tell you to refer to
> > your MTA documentation.  ...
> > use dig or nslookup to find out the MX, A, and PTR DNS records of your
> > mail servers.
> 
> Apologies. I forgot to note that I use Postfix for office servers with Exim
> currently installed on my home Deb box. Unfortunately, I don't have a fixed
> IP address on the Cable Router for my home account.
> 

My first Google hit:

http://www.fabel.dk/relay/test/


Goodbye




Re: Open Relay Testing

2003-07-02 Thread Gene Grimm
From: "Jesse Molina" <[EMAIL PROTECTED]>
> ...Securing a relay configuration is up to you and the MTA that you use.
> Different servers offer different options.  I would tell you to refer to
> your MTA documentation.  ...
> use dig or nslookup to find out the MX, A, and PTR DNS records of your
> mail servers.

Apologies. I forgot to note that I use Postfix for office servers with Exim
currently installed on my home Deb box. Unfortunately, I don't have a fixed
IP address on the Cable Router for my home account.



