Open Relay Mail Server
Open Relay mail servers are also referred to as third-party mail relays and insecure relays.
They all mean the same thing. People/systems that you have no relationship with can send
email(usually spam) through your server(s) to others. Since you
have no prior relationship with these folks, it is hard to be compensated for your damages
due to their use of your server(s).
MAPS, as used in this page, refers to the
Mail Abuse Prevention System
Why am I here?
If you have been referred to this page or have been told that you have an open relay mail
server, then you will want to read this very carefully. Not closing your open relay
server can cost you in several ways: machine crashes, disk and bandwidth usage, increased
technical support costs to respond to all the complaints from people who have been
spammed through your server, blacklisting and a tarnished reputation.
If you are a user has had your legitimate email rejected due to you sending through
an open relay, please see our blackhole page for
details on what you can do.
How can I verify that I have an open relay mail server?
If you are on the MAPS RSS list,
they will have a copy of both spam sent through your server and their relay test.
If you received a notice from Clarke Computer, then a test message was sent through
your server. Unless you have specifically set up your server to relay email for us
(if you got the email, *we* don't know why you would!), then you have an open relay.
If you are one of those who just needs to see for themself, you can also test
your mail server with one of the free email accounts from places like
Hotmail:
- Create an email account on Hotmail or the system of your choice.
- From that account send email back to the account, but through your
server. You do this by replacing the @ with a % and then appending
@ and your server's name. E.g. account%hotmail.com@myserver.com
- Wait a couple of minutes(depending on how quickly the server is running that day).
- You will either have an email from yourself for which you can
look at the full headers
and see your mail server or you will have a bounce from that tells your that your
server declined to relay.
If the machine is a partially open relay, you may need to do a different test.
This happens a lot where you have restricted the machine to only accepting
mail where either the sender or recipient is one of their "hosted" domains.
In that case, set the sender to a name at your domain(postmaster usually works -
it is required by RFC822) and the recipient to yourself.
You will need to do this from a machine that is not served by the ISP
responsible for your domain. (dial up through AOL or some other ISP).
This method requires more technical savvy.
- Find out their mail server. Usually done with
nslookup -type=MX domain
where domain is your domain name.
- Telnet to port 25(the SMTP server port) of your mail server.
- Type:
HELO foobar.com
- Type:
MAIL FROM: domain
- Type:
RCPT TO: your email address
make sure you use an outside email address like one at hotmail.com.
- Type:
DATA
- Type:
test
- Type:
. (a period on a line by itself)
- Type:
QUIT
If your mail server doesn't complain after the RCPT TO: line, you
may have an open relay. If you receive the mail in your mailbox, then
it is definitely an open relay.
How do I close this open relay?
MAPS has a huge list of different
mailers and how to close the open relay behaviour for each of them.
Although we hope that the above information will enable you to close your open relay,
if you need help closing your open relay, Clarke Computer can help you. For
Unix systems, we can do this over the internet. For Windows systems, we will have
to walk you through it on the phone. Unless you need upgraded software, this normally
takes less than 2 hours(i.e. around $160).
This is much less than the open relay can cost you!
You shouldn't be sending this to me!
Surprising, to us at least, some people, when notified by us that they have
a problem(the open relay), respond abusively and/or threaten to sue. Somehow they seem to
think that their problem is our fault!
If you have constructive criticism on improving our notification or this page,
please let us know! Otherwise, think
of these things before you abuse or threaten us:
- The initial contact was when your server sent spam to us or one of our customers.
- We don't know if you are aware that you have an open relay and the problems it will cause you.
- Keeping an open relay will cost you in one way or another.
- We are trying to help you save time and money.
- We believe in the same rights that MAPS does.
For more information:
|
To visit any of the sites below without leaving this site hold down the shift key when you click on the
link.
|