RE: Am I running an open relay?

To: "Patrick Kirk" <patrick@kirks.net>, "debuser" <debian-user@lists.debian.org>
Subject: RE: Am I running an open relay?
From: "Jeremy Gaddis" <jeremy@gaddis.org>
Date: Sun, 7 Apr 2002 16:51:17 -0500
Message-id: <[🔎] JAEALNOKCJBOMGNGPAEMKEANCAAA.jeremy@gaddis.org>
In-reply-to: <[🔎] 1018101481.20759.2.camel@enterprise>

>From your mail server, telnet to
relay-test.mail-abuse.org.  It will automatically
connect to your machine's port 25 and run a variety
of tests to see if your machine is configured
as an open relay.

j.

--
Jeremy Gaddis     <jeremy@gaddis.org>


-----Original Message-----
From: Patrick Kirk [mailto:patrick@kirks.net]
Sent: Saturday, April 06, 2002 8:58 AM
To: debuser
Subject: Am I running an open relay?



My inbox has about 12 of these...does it mean I've been hacked or that
the relay attempt failed?  I though I had Exim locked down nicely but
someone has used port 25 if I read "enterprise.kirks.net with smtp (Exim
3.35 #1 (P Kirk))" correctly.

-----Forwarded Message-----

From: Mail Delivery System <Mailer-Daemon@enterprise-hr.com>
To: nobody@[ 217.35.40.123 ]
Subject: Mail delivery failed: returning message to sender
Date: 05 Apr 2002 05:29:06 +0100

This message was created automatically by mail delivery software (Exim).

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  listme%dsbl.org@[217.35.40.123]
    unknown local-part "listme%dsbl.org" in domain "[217.35.40.123]"

------ This is a copy of the message, including all the headers. ------

Return-path: <nobody@[217.35.40.123]>
Received: from 2-057.ctame701-1.telepar.net.br
	([200.193.160.57] helo=surriel.com ident=wfxnjr)
	by enterprise.kirks.net with smtp (Exim 3.35 #1 (P Kirk))
	id 16tLLV-0003Z9-00
	for <listme%dsbl.org@[217.35.40.123]>; Fri, 05 Apr 2002 05:29:05 +0100
Message-ID: <6839cgD6QvH1tqiQODyEuQGHn9TFZAdi@surriel.com>
Date: Fri, 5 Apr 2002 4:28:14 +0000
To: <listme@dsbl.org>
Subject: Open Relay Test Message
From: nobody@[217.35.40.123]

DSBL LISTME: smtp
6839cgD6QvH1tqiQODyEuQGHn9TFZAdi
MAIL FROM:<nobody@[217.35.40.123]>
RCPT TO:<listme%dsbl.org@[217.35.40.123]>
DSBL END

This message is a test of your mail server to determine if
it will perform relaying (re-sending) of e-mail messages
for unauthorized outside parties.  This capability, if
enabled in your mail server, is widely considered to be
serious flaw in mail server security.

Your mail server is being tested for relaying capability
because we have received mail from it and wish to determine
its likelihood to be abused by spammers.




--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- RE: Am I running an open relay? - testing
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>

References:
- Am I running an open relay?
  - From: Patrick Kirk <patrick@kirks.net>

Prev by Date: Re: fatal error: no screens found
Next by Date: Re: Mutt and From: line
Previous by thread: Re: Am I running an open relay?
Next by thread: RE: Am I running an open relay? - testing
Index(es):
- Date
- Thread