Here are two different ways to check your e-mail server for an open relay.
An open relay is an e-mail server configured in such a way that it allows anyone on the internet to send e-mail through it. This can be very dangerous!
The first test is a simple TCP connection to your own e-mail server:
```
id@leonardo:~$ telnet mx.idrobot.net 25
Trying 188.40.116.226...
Connected to mx.idrobot.net.
Escape character is '^]'.
220 mx.idrobot.net ESMTP Exim 4.69 Fri, 16 Oct 2009 23:12:32 +0200
helo leonardo.local
250 mx.idrobot.net Hello p5482601e.dip.t-dialin.net [84.130.96.30]
mail from: test@openralay.ua
250 OK
rcpt to: victim@spam.ua
550 relay not permitted
```
The second one is an automatic test with swaks (swaks is not a default core tool; you can install it with apt-get install swaks):
```
# swaks -s fw.idrobot.net -f test@openralay.ua -t victim@spam.com
=== Trying fw.idrobot.net:25...
=== Connected to fw.idrobot.net.
<- 220 firewall.idrobot.net ESMTP Postfix (Debian/GNU)
-> EHLO mx.idrobot.net
<- 250-firewall.idrobot.net
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-VRFY
<- 250-ETRN
<- 250-STARTTLS
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> MAIL FROM:
<- 250 2.1.0 Ok
-> RCPT TO:
<** 554 5.7.1 : Relay access denied
-> QUIT
<- 221 2.0.0 Bye
=== Connection closed with remote host.
```
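Both tests above come down to one check: the reply to RCPT TO for a recipient your server is not responsible for. The Python sketch below is an added example, not part of the original post: it reads that reply from a telnet or swaks transcript, and `check_relay` repeats the test live against your own server, stopping before DATA. The function names and the 250 sample session are constructed for illustration.

```python
import re
import smtplib

def classify_rcpt(code):
    """Verdict for the RCPT TO reply when sender and recipient are both non-local."""
    if 200 <= code < 300:
        return "OPEN"            # 250/251: foreign recipient was accepted
    if 400 <= code < 500:
        return "INCONCLUSIVE"    # temporary failure (e.g. greylisting), retry later
    return "CLOSED"              # 5xx such as 550 / 554: relay refused

def verdict_from_transcript(text):
    """Find the reply that follows RCPT TO in a telnet or swaks transcript."""
    seen_rcpt = False
    for line in text.splitlines():
        line = re.sub(r"^[\s<>*~=-]+", "", line)   # drop swaks markers (->, <-, <**, ===)
        if re.match(r"rcpt to:", line, re.I):
            seen_rcpt = True
        elif seen_rcpt and (m := re.match(r"(\d{3})[ -]", line)):
            return classify_rcpt(int(m.group(1)))
    return "INCONCLUSIVE"        # session ended before RCPT TO was answered

def check_relay(host, sender, recipient, port=25, timeout=15):
    """Live version of the same test; no DATA command, so no mail is sent."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()
        code, _ = smtp.mail(sender)
        if code >= 400:
            return "INCONCLUSIVE"  # sender rejected, RCPT TO was never tested
        code, _ = smtp.rcpt(recipient)
        smtp.rset()                # abandon the transaction
        return classify_rcpt(code)

# Tails of the two sessions shown above, plus one constructed "open" session.
EXIM = "mail from: test@openralay.ua\n250 OK\nrcpt to: victim@spam.ua\n550 relay not permitted\n"
POSTFIX = "-> RCPT TO:\n<** 554 5.7.1 : Relay access denied\n-> QUIT\n<- 221 2.0.0 Bye\n"
OPEN_SAMPLE = "-> RCPT TO:\n<- 250 2.1.5 Ok\n-> QUIT\n"   # constructed sample

if __name__ == "__main__":
    for name, log in (("exim", EXIM), ("postfix", POSTFIX), ("constructed", OPEN_SAMPLE)):
        print(name, verdict_from_transcript(log))
```

Run the live check from a host outside your trusted networks, since many servers relay for their own IP ranges by design. An OPEN verdict means the recipient was accepted at RCPT TO, so confirm it against the server's relay configuration.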