Announcement

Collapse
No announcement yet.

Relay issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Relay issue

    Hey guys - me again

    Setup Exchange 2003 SP2 on W2003 recently, following a lot of guides from Mr Petri himself. All works OK, exept tonight I noticed I was getting spam at the rate of upto 3 mailes a minute.

    I did some relay tests on http://www.mailradar.com/openrelay/ and the following came up:

    [Method 7]
    <<< 220 server.solentcomputerservices.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 24 Feb 2010 21:55:56 +0000
    >>> HELO mailradar.com
    <<< 250 server.solentcomputerservices.com Hello [193.230.245.6]
    >>> MAIL FROM: <[email protected][213.104.228.238]>
    <<< 250 2.1.0 [email protected][213.104.228.238]....Sender OK
    >>> RCPT TO: <"[email protected]">
    <<< 250 2.1.5 "[email protected]"@solentcomputerservices.c om
    >>> QUIT
    <<< 221 2.0.0 server.solentcomputerservices.com Service closing transmission channel
    [TEST NOT PASSED]


    [Method 8]
    <<< 220 server.solentcomputerservices.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 24 Feb 2010 21:55:57 +0000
    >>> HELO mailradar.com
    <<< 250 server.solentcomputerservices.com Hello [193.230.245.6]
    >>> MAIL FROM: <[email protected][213.104.228.238]>
    <<< 250 2.1.0 [email protected][213.104.228.238]....Sender OK
    >>> RCPT TO: <"relaytest%mailradar.com">
    <<< 250 2.1.5 "relaytest%mailradar.com"@solentcomputerservices.c om
    >>> QUIT
    <<< 221 2.0.0 server.solentcomputerservices.com Service closing transmission channel
    [TEST NOT PASSED]

    [Method 14]
    <<< 220 server.solentcomputerservices.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 24 Feb 2010 21:56:02 +0000
    >>> HELO mailradar.com
    <<< 250 server.solentcomputerservices.com Hello [193.230.245.6]
    >>> MAIL FROM: <[email protected][213.104.228.238]>
    <<< 250 2.1.0 [email protected][213.104.228.238]....Sender OK
    >>> RCPT TO: <mailradar.com!relaytest>
    <<< 250 2.1.5 [email protected]
    >>> QUIT
    <<< 221 2.0.0 server.solentcomputerservices.com Service closing transmission channel
    [TEST NOT PASSED]
    This was part of 18 "Methods" that the site uses. I then followed the guide from Dan about preventing relays and set Basic Auth as well as IWA, and all the Tests pass but I know on the guide it warns that doing so does not receive incoming mail. Which I couldn't. I have re-enabled Anonymous Access and the above 3 Methods once again fail.

    Have I misconfigured soemthing somewhere? I can't figure it out but have learned a lot and managed to set up everytelse including RPC/HTTPS, mostly with guides from Dan, so many thanks for those Dan!

    If anyone could give me a few pointers, I'd appreciate it

    Thanks,

    Karl

  • #2
    Re: Relay issue

    Another test on Abuse.net:
    Relay test 6

    >>> RSET
    <<< 250 2.0.0 Resetting
    >>> MAIL FROM:<[email protected]>
    <<< 250 2.1.0 [email protected] OK
    >>> RCPT TO:<user-70635%[email protected]>
    <<< 250 2.1.5 user-70635%[email protected]
    >>> DATA
    <<< 354 Start mail input; end with <CRLF>.<CRLF>
    >>> (message body)
    <<< 250 2.6.0 <[email protected]> Queued mail for delivery
    Any pointers please??

    Comment


    • #3
      Re: Relay issue

      Open relay tests are not completely fool proof. Due to the way that Exchange deals with email, it will appear to fail certain tests. Exchange will accept the email, but not deliver the message.

      Turning Exchange 2003 in to an open relay can only occur in two places. The most common way that Exchange is abused is via authenticated relaying.

      I have outlined how the server can be made in to an open relay here:
      http://www.amset.info/exchange/smtp-openrelay.asp

      And authenticated relaying can be turned off on most systems by simply disabling it on the properties of the SMTP virtual server.

      Simon.
      --
      Simon Butler
      Exchange MVP

      Blog: http://blog.sembee.co.uk/
      More Exchange Content: http://exchange.sembee.info/
      Exchange Resources List: http://exbpa.com/
      In the UK? Hire me: http://www.sembee.co.uk/

      Sembee is a registered trademark, used here with permission.

      Comment


      • #4
        Re: Relay issue

        Explanation and Clarification - Fantastic! That's put my mind at rest Simon, many thanks

        Rep point on it's way

        Cheers

        Karl

        Comment

        Working...
        X