open relay test
How do I check for open relay? I saw something once with a simple test. could someone please point me to something similar -- Kind regards Kevin Waterson CEO OceaniaTLA
RE: open relay test
http://www.abuse.net/relay.html is a good way. Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 17, 2000 7:13 PM To: [EMAIL PROTECTED] Subject: open relay test How do I check for open relay? I saw something once with a simple test. could someone please point me to something similar -- Kind regards Kevin Waterson CEO OceaniaTLA
Re: Open relay test.
*duh* - telnetting into the world from our mail server is prohibited by the firewall hehe. mail-abuse.org accepts mail from me via that server tho (relay reports). You're welcome to use my experimental tester at http://www.abuse.net/relay.html. It's more or less the same tests that the MAPS RSS uses, and is pretty similar to but less aggressive than ORBS. It also does the user%dom1@dom2 test, because that's a famous relay hole in a lot of sendmail systems. If you have qmail, the tester will note that it accepted the message, then say in large ugly blinking letters that your system is only an open relay if it actually forwards the message back. If you're a registered abuse.net user, it can assign you a temporary abuse.net forwarding address so you can test your own server using an address not in your own domain. (Friendly hint: if you ignore the ugly blinking message and send me mail anyway saying that the tester claimed that your system is an open relay because it accepted the test message, I'll write back and call you a moron.) -- John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 [EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl, Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
Re: Open relay test.
On 8 Sep 2000, John R. Levine wrote: | (Friendly hint: if you ignore the ugly blinking message and send me | mail anyway saying that the tester claimed that your system is an open | relay because it accepted the test message, I'll write back and call | you a moron.) | Hrmm.. i just ran the test through my servers john, and for some reason, i dont see any blinking text... only in pure black text: RSET 250 flushed MAIL FROM:[EMAIL PROTECTED] 250 ok RCPT TO:"relaytest%abuse.net" 250 ok Relay test result Hmmn, at first glance, host appeared to accept a message for relay. THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY. -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 1:10pm up 1 day, 18:39, 3 users, load average: 0.22, 0.12, 0.10
Re: Open relay test.
On Sun, Sep 03, 2000 at 02:07:25PM -0700, Eric Cox wrote: [snip] I am adding the non-colors, table feature.. I do not like the colors or tags. GUI people like it.. I will add a Bool for the Graphics and table format.. so that you can switch from either mode.. however as you reported at the bottom it is not considered a open relay.. But if ORBS runs the test and it fails then you are added to the ORBS database.. I don't think that's true. They bad-mouth qmail for doing this in their tech section, but I'm almost certain that the mail has to actually be relayed to get listed. The badmouthing at www.orbs.org is about qmail being an open relay if rcpthosts doesn't exist. And yes, orbs only lists you if the relay test message gets delivered. Greetz, Peter. -- [ircoper][EMAIL PROTECTED] - Peter van Dijk / Hardbeat [student]Undernet:#groningen/wallops | IRCnet:/#alliance [developer]_ [disbeliever - the world is backwards](__VuurWerk__(--*-
Re: Open relay test.
I imagine that more than one person on this list has spoken to ORBS about their misleading relay test? How many people have ended up on the ORBS list simply because their qmail installations accepted emails with "%" or "!" in the To: field? NO ONE! ORBS tester requires the E-Mail to reach them at their test account, this can only happen if you are an Open Relay server. They also keep the relayed message at their site for verification. MVH André Paulsberg
Re: Open relay test.
"OK 2 NET - André Paulsberg" wrote: I imagine that more than one person on this list has spoken to ORBS about their misleading relay test? How many people have ended up on the ORBS list simply because their qmail installations accepted emails with "%" or "!" in the To: field? NO ONE! ORBS tester requires the E-Mail to reach them at their test account, this can only happen if you are an Open Relay server. They also keep the relayed message at their site for verification. AH good. =) -Stephen-
Open relay test.
Hey all, I have put together a small OPEN relay tester. It runs the same test ORBS runs. http://www.prodigysolutions.com/relay_test.html Sean Truman[EMAIL PROTECTED]http://www.prodigysolutions.com/
Re: Open relay test.
i tested your tester, thanks :)
(*erm*, wouldnt it be easier if you could copy/paste from the results page
without having to open the page source and seeing those *tons* of
color/font tags? :)
however, your test claims i am running an open relay due to these results:
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("nobody%prodigysolutions.com")
250 ok
250 flushed
and
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("prodigysolutions.com!nobody")
250 ok
250 flushed
i tried both procedures from a shell that is not in my relayclients,
and qmail accepted the mails but then tried to deliver them to
[EMAIL PROTECTED] and domain.ext!user
which are non-existing users, so the mails ended up in the
~/alias/.qmail-default handling. so they were not forwarded to any
external address (at least). so i wonder if your tester's final judgement:
"You are running a Open Relay" is fully correct.
so i wonder:
1. are those two "leaks" in the antirelay settings really a problem? and
2. how could i fix them.
cheers
wolfgang
Also sprach Sean C Truman [EMAIL PROTECTED] on
03.09.2000:
Hey all,
I have put together a small OPEN relay tester. It runs the same
test
ORBS runs.
http://www.prodigysolutions.com/relay_test.html
Re: Open relay test.
On Sun, Sep 03, 2000 at 09:49:19AM -0400, Sean C Truman wrote: Hey all, I have put together a small OPEN relay tester. It runs the same test ORBS runs. http://www.prodigysolutions.com/relay_test.html It also states falsely that if a host that handles mail for the "example.com" domain e.g. accepts [EMAIL PROTECTED] [EMAIL PROTECTED]@example.com [EMAIL PROTECTED] then it is an open relay although it isn't. A TRUE relay tester must wait and see if the mail get's relayed due to implementation/configuration. /magnus -- http://x42.com/
Re: Open relay test.
oops sorry, that was rather a temporary netscape problem that didnt let me copy/paste. Also sprach wolfgang zeikat [EMAIL PROTECTED] on 03.09.2000: (*erm*, wouldnt it be easier if you could copy/paste from the results page without having to open the page source and seeing those *tons* of color/font tags? :)
Re: Open relay test.
I am adding the non-colors, table feature.. I do not like the colors or
tags. GUI people like it.. I will add a Bool for the Graphics and table
format.. so that you can switch from either mode.. however as you reported
at the bottom it is not considered a open relay.. But if ORBS runs the test
and it fails then you are added to the ORBS database..
If you would like to pass all test. get the badmailfrom patch from
www.qmail.org and use it.. and filter out the *%* unless you are using the
percent for anything.
Sean
- Original Message -
From: wolfgang zeikat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, September 03, 2000 10:52 AM
Subject: Re: Open relay test.
i tested your tester, thanks :)
(*erm*, wouldnt it be easier if you could copy/paste from the results page
without having to open the page source and seeing those *tons* of
color/font tags? :)
however, your test claims i am running an open relay due to these results:
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("nobody%prodigysolutions.com")
250 ok
250 flushed
and
MAIL FROM:([EMAIL PROTECTED]@62.96.181.213)
250 ok
RCPT TO:("prodigysolutions.com!nobody")
250 ok
250 flushed
i tried both procedures from a shell that is not in my relayclients,
and qmail accepted the mails but then tried to deliver them to
[EMAIL PROTECTED] and domain.ext!user
which are non-existing users, so the mails ended up in the
~/alias/.qmail-default handling. so they were not forwarded to any
external address (at least). so i wonder if your tester's final judgement:
"You are running a Open Relay" is fully correct.
so i wonder:
1. are those two "leaks" in the antirelay settings really a problem? and
2. how could i fix them.
cheers
wolfgang
Also sprach Sean C Truman [EMAIL PROTECTED] on
03.09.2000:
Hey all,
I have put together a small OPEN relay tester. It runs the same
test
ORBS runs.
http://www.prodigysolutions.com/relay_test.html
Re: Open relay test.
Magnus, Thanks for the input.. I will go ahead and have it send a message then check to see if it actually relayed it. I just pretty much copied the telnet mail-abuse.org test onto a Web page.. Sean - Original Message - From: Magnus Bodin [EMAIL PROTECTED] To: qmail list [EMAIL PROTECTED] Sent: Sunday, September 03, 2000 10:54 AM Subject: Re: Open relay test. On Sun, Sep 03, 2000 at 09:49:19AM -0400, Sean C Truman wrote: Hey all, I have put together a small OPEN relay tester. It runs the same test ORBS runs. http://www.prodigysolutions.com/relay_test.html It also states falsely that if a host that handles mail for the "example.com" domain e.g. accepts [EMAIL PROTECTED] [EMAIL PROTECTED]@example.com [EMAIL PROTECTED] then it is an open relay although it isn't. A TRUE relay tester must wait and see if the mail get's relayed due to implementation/configuration. /magnus -- http://x42.com/
Re: Open relay test.
On Sun, Sep 03, 2000 at 11:00:14AM -0400, Sean C Truman wrote: I am adding the non-colors, table feature.. I do not like the colors or tags. GUI people like it.. I will add a Bool for the Graphics and table format.. so that you can switch from either mode.. however as you reported at the bottom it is not considered a open relay.. But if ORBS runs the test and it fails then you are added to the ORBS database.. But ORBS tests are dumb. [EMAIL PROTECTED] could actually be a mail address at my system. Why should anybody make a false decision about me running an open relay due to the fact that there are lots of MTA:s out there with buggy percenthack implementations/configurations? This holds for the other "strange" e-mail addresses in the test as well. /magnus -- http://x42.com/
Re: Open relay test.
Also sprach Sean C Truman [EMAIL PROTECTED] on 03.09.2000: But if ORBS runs the test and it fails then you are added to the ORBS database.. i doubt that. my server has repeatedly been tested by ORBS and is considered clean. wolfgang
Re: Open relay test.
Magnus, I agree the ORBS test are dumb and don't really pertain to 95% of the mail servers out there. But if you are in the ORBS database then some mail is going to be rejected. This test is just a overall test so that all system administrators can test. Not just the 95% of us out there. And as far as decision making.. no one is making any decisions. If you know certain test don't apply to you. Ignore them! As a mail administrator you should know which test do and don't apply to your server.. The test does not report it's results to anywhere except your browser. Sean - Original Message - From: Magnus Bodin [EMAIL PROTECTED] To: qmail list [EMAIL PROTECTED] Sent: Sunday, September 03, 2000 11:07 AM Subject: Re: Open relay test. On Sun, Sep 03, 2000 at 11:00:14AM -0400, Sean C Truman wrote: I am adding the non-colors, table feature.. I do not like the colors or tags. GUI people like it.. I will add a Bool for the Graphics and table format.. so that you can switch from either mode.. however as you reported at the bottom it is not considered a open relay.. But if ORBS runs the test and it fails then you are added to the ORBS database.. But ORBS tests are dumb. [EMAIL PROTECTED] could actually be a mail address at my system. Why should anybody make a false decision about me running an open relay due to the fact that there are lots of MTA:s out there with buggy percenthack implementations/configurations? This holds for the other "strange" e-mail addresses in the test as well. /magnus -- http://x42.com/
Re: Open relay test.
Wolfgang, This test doesn't do the ORBS test.. It does the test at mail-abuse.org. If you can send me a copy of the test that ORBS preforms. I would be happy to add them.. If you would like to see what I am talking about with mail-abuse.org, From your mail server just telnet to mail-abuse.org and you will see what I am explaining. Sean - Original Message - From: wolfgang zeikat [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, September 03, 2000 11:16 AM Subject: Re: Open relay test. Also sprach Sean C Truman [EMAIL PROTECTED] on 03.09.2000: But if ORBS runs the test and it fails then you are added to the ORBS database.. i doubt that. my server has repeatedly been tested by ORBS and is considered clean. wolfgang
Re: Open relay test.
On Sun, Sep 03, 2000 at 11:42:22AM -0400, Sean C Truman wrote: Magnus, I agree the ORBS test are dumb and don't really pertain to 95% of the mail servers out there. But if you are in the ORBS database then some mail is going to be rejected. This test is just a overall test so that all system administrators can test. Not just the 95% of us out there. And as far as decision making.. no one is making any decisions. If you know certain test don't apply to you. Ignore them! As a mail administrator you should know which test do and don't apply to your server.. The test does not report it's results to anywhere except your browser. I agree partly. But my point is that the test is misleading and will cause confusion for those who don't understand. Especially if it states with big letters that "You are running an Open Relay" without any explanations. /magnus -- http://x42.com/
Re: Open relay test.
*duh* - telnetting into the world from our mail server is prohibited by the firewall hehe. mail-abuse.org accepts mail from me via that server tho (relay reports). wolfgang Also sprach Sean C Truman [EMAIL PROTECTED] on 03.09.2000: From your mail server just telnet to mail-abuse.org and you will see what I am explaining.
Re: Open relay test.
Magnus, Newbieproof the script.. Gottcha.. That all you had to say.. Sorry.. :) Sean - Original Message - From: Magnus Bodin [EMAIL PROTECTED] To: qmail list [EMAIL PROTECTED] Sent: Sunday, September 03, 2000 12:02 PM Subject: Re: Open relay test. On Sun, Sep 03, 2000 at 11:42:22AM -0400, Sean C Truman wrote: Magnus, I agree the ORBS test are dumb and don't really pertain to 95% of the mail servers out there. But if you are in the ORBS database then some mail is going to be rejected. This test is just a overall test so that all system administrators can test. Not just the 95% of us out there. And as far as decision making.. no one is making any decisions. If you know certain test don't apply to you. Ignore them! As a mail administrator you should know which test do and don't apply to your server.. The test does not report it's results to anywhere except your browser. I agree partly. But my point is that the test is misleading and will cause confusion for those who don't understand. Especially if it states with big letters that "You are running an Open Relay" without any explanations. /magnus -- http://x42.com/
Re: Open relay test.
I imagine that more than one person on this list has spoken to ORBS about their misleading relay test? How many people have ended up on the ORBS list simply because their qmail installations accepted emails with "%" or "!" in the To: field? This seems extraordinarily stupid to me... -Stephen-
Re: Open relay test.
Sean C Truman wrote: I am adding the non-colors, table feature.. I do not like the colors or tags. GUI people like it.. I will add a Bool for the Graphics and table format.. so that you can switch from either mode.. however as you reported at the bottom it is not considered a open relay.. But if ORBS runs the test and it fails then you are added to the ORBS database.. I don't think that's true. They bad-mouth qmail for doing this in their tech section, but I'm almost certain that the mail has to actually be relayed to get listed. Eric
Re: Open relay test.
"Stephen F. Bosch" wrote: I imagine that more than one person on this list has spoken to ORBS about their misleading relay test? How many people have ended up on the ORBS list simply because their qmail installations accepted emails with "%" or "!" in the To: field? None. ORBS doesn't do this. If none of the mails are relayed back to one of the ORBS recieving machines, the tested machine is not listed. This seems extraordinarily stupid to me... It would be if it were true... Eric
Re: Open relay test.
Sean C Truman [EMAIL PROTECTED] writes: I agree the ORBS test are dumb and don't really pertain to 95% of the mail servers out there. But if you are in the ORBS database then some mail is going to be rejected. Except that ORBS doesn't actually add people who "fail" that test but don't relay the mail. So it's not true that your tester is using the same tests as ORBS is. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/
