D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Email reputation

 

On Tue, Sep 22, 2015 at 04:22:11PM +0100, Matt Stevenson wrote:
> Is there a full proof way of checking if its definitely an open relay, if it is
> how do I shut it down?

An open relay mail server accepts email for anyone from anyone and
relays it to the correct recepient. If the mail server is an inbound
one (it receives email from the Internet for your users), set it so that
it accepts only emails for your domain(s).

If the mail server is an outbound one (it receives emails from your
users and relays them to the Internet) make sure it only accepts mail
from certain IP ranges and/or certain authenticated users.

I'm not sure how to do this in Exim though.

Given that only Symantec has discovered you're running an open relay, it
may be a bit more subtle than this though. A true open relay would have
been discovered by spammers which at least would have led to further
blacklisting.

My guess is that it's merely accepting email for all domains, but
doesn't relay those emails. That's not bad, but something you'll want to
fix if you also send emails from the same IP address - which you do. You
can use telnet to check if it does accept emails for other domains.

Martijn.

Attachment: signature.asc
Description: Digital signature

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq