Test mail server for an open relay

by on October 27, 2006 · 11 comments· LAST UPDATED October 27, 2006

in , ,

I don't want let spammers take control of my mail server, I have configured my mail server but I am not sure how do I test my mail server for open relay? But what is an open mail realy?

An open mail relay occurs when a mail server processes a mail message where neither the sender nor the recipient is a local user. In this example, both the sender and the recipient are outside the local domain (or rather, the local IP range, for the technically inclined). The mail server is an entirely unrelated third party to this transaction. The message really has no business passing through this server.

I can check my server for open relay using any one of the following methods.

The old way (open relay server test)

Telnet to mail.myserver.com at port 25 and issue all the following commands:
helo client.server.com
mail from: rockyjr@vsnl.com
rcpt to: vivek@nixcraft.in
$ telnet mail.myserver.com 25Output:

Trying 202.51.x.xxx...
Connected to mail.myserver.com.
Escape character is '^]'.
220 mail.myserver.com ESMTP Postfix
helo client.server.com
250 mail.myserver.com
mail from: rockyjr@vsnl.com
250 Ok
rcpt to: vivek@nixcraft.in
554 : Relay access denied

As you see access denied to send email i.e. my mail server is NOT open relay.

The new way

Another and the best way is to use this website to test an open relay.

See also:

  • ORDB FAQ

This is an old post created by LinuxTitli but it was deleted accidentally by me :( I had restored the same from Google cache :)

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 11 comments… read them below or add one }

1 Sean October 27, 2006 at 1:40 pm

From your mail server, telnet to

relay-test.mail-abuse.org

It will do an extensive scan of your IP and immediately report the problems

Sean

Reply

2 nixCraft October 27, 2006 at 2:03 pm

Sean,

Good finding.

Appreciate your post.

Reply

3 Czar October 27, 2006 at 4:35 pm

and if one would see “250 Accepted”… how does one stop an open relay

Reply

4 nixCraft October 27, 2006 at 4:58 pm

It is depend upon your MTA. For example postfix use following directives:

smtpd_recipient_restrictions =
permit_sasl_authenticated,
reject_unauth_destination,
permit_mynetworks,
reject_unknown_recipient_domain,
reject_rbl_client relays.ordb.org,
reject_rbl_client list.dsbl.org,
check_relay_domains,
permit

Sure you need to configure sasl authentication and maintain the list of virtual domains. Let me know your MTA name.

Reply

5 gofirefox October 27, 2006 at 5:38 pm

Good information, now i know how to find out if it is open

thanks a lot

Reply

6 cc April 17, 2008 at 2:01 am

yes,i agree with,i don’t want get spam email too.great it’s useful for me.

Reply

7 Abhishek Dey May 29, 2008 at 5:02 am

hi i m trying to build an email site….but i get a rejected mail message when i send mails to rediff and yahoo. but i succesffully sent mails to gmail server and cooltoad server(cooltoad.com).
Please can you tell me what could be the reason??

Reply

8 fosiul September 16, 2008 at 3:21 pm

check your IP here
http://cbl.abuseat.org/lookup.cgi

if your ip is listed here then it will be rejected by yahoo.

Reply

9 volkswagner January 8, 2010 at 10:27 pm

Sean, I tried to telnet relay-test.mail-abuse.org, but I did not see any automated results.

I performed the instruction set for open relay test and got access denied.

What should I get in response fro relay-test.mail-abuse.org?

Reply

10 arfie July 1, 2010 at 3:26 am

Hi,
Do you want to know how to make qmail mail server become close relay?
Because i think qmail is open relay so i often email from the spammers.
I have configured tcp.smtp file like this:

127.:allow,RELAYCLIENT=”"

but i still receive spam.

And when i follow your instruction the result is still open relay.

Thank you for your answer.

Reply

11 Amit May 5, 2011 at 8:31 am

Hi,
use following
127.:allow,RELAYCLIENT=””
.:deny
and run
qmailctl cdb

Regards,
Amit

Reply

Leave a Comment

Previous post:

Next post: