As for where to get a check done, I recommend that you google for "mail relay check". There used to be some better relay checkers out there, but legal issues and other foolishness made them shut down.
Securing a relay configuration is up to you and the MTA that you use. Different servers offer different options. I would tell you to refer to your MTA documentation. Securing the server itself is one thing, and securing the transport (if you care about that) is another.
You might want to make sure that your ISP has their mail servers reverse DNS set up. Some BOFH admins (AOL) like to block mail that comes from servers without a reverse DNS entry that matches the forward entry.
Doing reverse lookups is a good idea, but bad in practice because so many ISPs don't even offer reverse DNS delegation, not to mention virtual servers.
My ISP is stupid and won't do reverse DNS delegation. That's Orlando Telephone Company of Orlando Florida, owned by CEO Herb Bornack, http://www.orlandotelco.com/. They run finger and http on many of their routers too. =)
use dig or nslookup to find out the MX, A, and PTR DNS records of your mail servers.
Gene Grimm wrote:
What is the best method of testing mail servers to determine if they are susceptible to being exploited as an open relay? We have several mail servers that I want to verify are "secured". Also, I have been having problems with sending mail, specifically to AOL users, through my Zoom Internet account at home. I'm not entirely sure I believe Zoom when they say that their systems are not open relays. Plus I am considering configuring a "relay MTA" on my home Debian box to route all of my outgoing mail through our own office mail servers. Are there any HOWTO's describing ways of creating a secure relay channel between remote MTA's?
-- # Jesse Molina # Mail = jesse@opendreams.net # Page = page-jesse@opendreams.net # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/