Test mail server for an open relay

Posted on in Categories Linux, Networking, Postfix, Security, UNIX last updated October 27, 2006

I don’t want let spammers take control of my mail server, I have configured my mail server but I am not sure how do I test my mail server for open relay? But what is an open mail realy?

An open mail relay occurs when a mail server processes a mail message where neither the sender nor the recipient is a local user. In this example, both the sender and the recipient are outside the local domain (or rather, the local IP range, for the technically inclined). The mail server is an entirely unrelated third party to this transaction. The message really has no business passing through this server.

I can check my server for open relay using any one of the following methods.

The old way (open relay server test)

Telnet to mail.myserver.com at port 25 and issue all the following commands:
helo client.server.com
mail from: [email protected]
rcpt to: [email protected]
$ telnet mail.myserver.com 25Output:

Trying 202.51.x.xxx...
Connected to mail.myserver.com.
Escape character is '^]'.
220 mail.myserver.com ESMTP Postfix
helo client.server.com
250 mail.myserver.com
mail from: [email protected]
250 Ok
rcpt to: [email protected]
554 : Relay access denied

As you see access denied to send email i.e. my mail server is NOT open relay.

The new way

Another and the best way is to use this website to test an open relay.

See also:

  • ORDB FAQ

This is an old post created by LinuxTitli but it was deleted accidentally by me ๐Ÿ™ I had restored the same from Google cache ๐Ÿ™‚

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 11 comments/add one below):

11 comment

  1. It is depend upon your MTA. For example postfix use following directives:

    smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    reject_unauth_destination,
    permit_mynetworks,
    reject_unknown_recipient_domain,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client list.dsbl.org,
    check_relay_domains,
    permit

    Sure you need to configure sasl authentication and maintain the list of virtual domains. Let me know your MTA name.

  2. hi i m trying to build an email site….but i get a rejected mail message when i send mails to rediff and yahoo. but i succesffully sent mails to gmail server and cooltoad server(cooltoad.com).
    Please can you tell me what could be the reason??

  3. Sean, I tried to telnet relay-test.mail-abuse.org, but I did not see any automated results.

    I performed the instruction set for open relay test and got access denied.

    What should I get in response fro relay-test.mail-abuse.org?

  4. Hi,
    Do you want to know how to make qmail mail server become close relay?
    Because i think qmail is open relay so i often email from the spammers.
    I have configured tcp.smtp file like this:

    127.:allow,RELAYCLIENT=””

    but i still receive spam.

    And when i follow your instruction the result is still open relay.

    Thank you for your answer.

Leave a Comment