O Avoid Setting Up an Open Relay

The Internet offers lots of resources for checking open relays; one of them is available at http://www.abuse.net/relay.html. You can easily find many more, or you can test your own server by sending a message from an untrusted IP address to an external domain:

<Verbatim listing 17> # telnet mail.example.org 25 Trying 192.168.1.1... Connected to mail.example.org. Escape character is '*]'.

220 box.example.org ESMTP mail.example.org ; Mon, 9 Oct 2006 15:42:23 GMT HELO testclient.example.org

250 mail.example.org Hello testclient.example.org [10.1.7.2], pleased to meet you mail from:[email protected]

250 2.1.0 [email protected]... Sender ok rcpt to:[email protected]

550 5.7.1 [email protected]... Relaying denied. </Verbatim listing>

Always ensure that your MTA is relaying to accepted domains and from trusted IP subnets. For an external client who needs to send messages through your mail server (i.e., roaming clients) you can use SMTP AUTH or TLS certificate validation to allow relay to external authenticated IP addresses.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment