Open Relay Mail Server

Open Relay mail servers are also referred to as third-party mail relays and insecure relays. They all mean the same thing. People/systems that you have no relationship with can send email(usually spam) through your server(s) to others. Since you have no prior relationship with these folks, it is hard to be compensated for your damages due to their use of your server(s).

MAPS, as used in this page, refers to the Mail Abuse Prevention System

Why am I here?

If you have been referred to this page or have been told that you have an open relay mail server, then you will want to read this very carefully. Not closing your open relay server can cost you in several ways: machine crashes, disk and bandwidth usage, increased technical support costs to respond to all the complaints from people who have been spammed through your server, blacklisting and a tarnished reputation.

If you are a user has had your legitimate email rejected due to you sending through an open relay, please see our blackhole page for details on what you can do.

How can I verify that I have an open relay mail server?

If you are on the MAPS RSS list, they will have a copy of both spam sent through your server and their relay test. If you received a notice from Clarke Computer, then a test message was sent through your server. Unless you have specifically set up your server to relay email for us (if you got the email, *we* don't know why you would!), then you have an open relay.

If you are one of those who just needs to see for themself, you can also test your mail server with one of the free email accounts from places like Hotmail:

  1. Create an email account on Hotmail or the system of your choice.
  2. From that account send email back to the account, but through your server. You do this by replacing the @ with a % and then appending @ and your server's name. E.g. account%hotmail.com@myserver.com
  3. Wait a couple of minutes(depending on how quickly the server is running that day).
  4. You will either have an email from yourself for which you can look at the full headers and see your mail server or you will have a bounce from that tells your that your server declined to relay.
If the machine is a partially open relay, you may need to do a different test. This happens a lot where you have restricted the machine to only accepting mail where either the sender or recipient is one of their "hosted" domains. In that case, set the sender to a name at your domain(postmaster usually works - it is required by RFC822) and the recipient to yourself.

You will need to do this from a machine that is not served by the ISP responsible for your domain. (dial up through AOL or some other ISP).

This method requires more technical savvy.

  1. Find out their mail server. Usually done with nslookup -type=MX domain
    where domain is your domain name.
  2. Telnet to port 25(the SMTP server port) of your mail server.
  3. Type: HELO foobar.com
  4. Type: MAIL FROM: domain
  5. Type: RCPT TO: your email address
    make sure you use an outside email address like one at hotmail.com.
  6. Type: DATA
  7. Type: test
  8. Type: .
    (a period on a line by itself)
  9. Type: QUIT
If your mail server doesn't complain after the RCPT TO: line, you may have an open relay. If you receive the mail in your mailbox, then it is definitely an open relay.

How do I close this open relay?

MAPS has a huge list of different mailers and how to close the open relay behaviour for each of them.

Although we hope that the above information will enable you to close your open relay, if you need help closing your open relay, Clarke Computer can help you. For Unix systems, we can do this over the internet. For Windows systems, we will have to walk you through it on the phone. Unless you need upgraded software, this normally takes less than 2 hours(i.e. around $160). This is much less than the open relay can cost you!

You shouldn't be sending this to me!

Surprising, to us at least, some people, when notified by us that they have a problem(the open relay), respond abusively and/or threaten to sue. Somehow they seem to think that their problem is our fault!

If you have constructive criticism on improving our notification or this page, please let us know! Otherwise, think of these things before you abuse or threaten us:

  • The initial contact was when your server sent spam to us or one of our customers.
  • We don't know if you are aware that you have an open relay and the problems it will cause you.
  • Keeping an open relay will cost you in one way or another.
  • We are trying to help you save time and money.
  • We believe in the same rights that MAPS does.

For more information:

To visit any of the sites below without leaving this site hold down the shift key when you click on the link.


Google
 
Web http://www.clarkecomputer.com

Domain Hosting Error Log Analysis Submittal Engines Free Web Hosting
What's New Domain Resources B&N BookStore Privacy Policy

Please send any questions or comments to: clarke@clarkecomputer.com
Phone: (970) 482-6785.
© 1995-2015 Clarke Computer Company