Re: Open Relay Testing
As for where to get a check done, I recommend that you google for "mail
relay check". There used to be some better relay checkers out there,
but legal issues and other foolishness made them shut down.
Securing a relay configuration is up to you and the MTA that you use.
Different servers offer different options. I would tell you to refer to
your MTA documentation. Securing the server itself is one thing, and
securing the transport (if you care about that) is another.
You might want to make sure that your ISP has their mail servers reverse
DNS set up. Some BOFH admins (AOL) like to block mail that comes from
servers without a reverse DNS entry that matches the forward entry.
Doing reverse lookups is a good idea, but bad in practice because so
many ISPs don't even offer reverse DNS delegation, not to mention
My ISP is stupid and won't do reverse DNS delegation. That's Orlando
Telephone Company of Orlando Florida, owned by CEO Herb Bornack,
http://www.orlandotelco.com/. They run finger and http on many of their
routers too. =)
use dig or nslookup to find out the MX, A, and PTR DNS records of your
Gene Grimm wrote:
What is the best method of testing mail servers to determine if they are
susceptible to being exploited as an open relay? We have several mail
servers that I want to verify are "secured". Also, I have been having
problems with sending mail, specifically to AOL users, through my Zoom
Internet account at home. I'm not entirely sure I believe Zoom when they say
that their systems are not open relays. Plus I am considering configuring a
"relay MTA" on my home Debian box to route all of my outgoing mail through
our own office mail servers. Are there any HOWTO's describing ways of
creating a secure relay channel between remote MTA's?
# Jesse Molina
# Mail = firstname.lastname@example.org
# Page = email@example.com
# Cell = 1.407.970.0280
# Web = http://www.opendreams.net/jesse/