Hi,
Ordb.org just informed me that I have an open relay!
I am running MailEnable and have set it to allow only authenticated users to relay.
Looking at the logs the ordb.org server tried many different ways of getting through and all failed...
But for some strange reason it managed to get through doing this:
EHLO+groundzero.ordb.org 250-*****+[62.242.0.190],+this+server+offers+4+extensions
HELP 211+System+status,+or+system+help+reply:+HELO,EHLO,QUIT,HELP,RCPT,MAIL,DATA,RSET,NOOP
MAIL+FROM:<> 250+Requested+mail+action+okay,+completed
RCPT+TO:<marvin@marvin.ordb.org> 250+Requested+mail+action+okay,+completed
DATA 354+Start+mail+input;+end+with+<CRLF>.<CRLF>
DATA 354+Start+mail+input;+end+with+<CRLF>.<CRLF>
QUIT 221+Service+closing+transmission+channel
Attempts at doing the same thing from another IP address didn't work...so obviously this was just a once off thing..but I have no idea what caused it.
Open Relay!
-
nklpkl
Open Relay
Having same problems with Mail Enable Standard running XP. I've been using the email server for a few months and this started happening...
have settings set for "Authenticated Users Only"
MAIL MAIL FROM: <andpuhuaa@email.com> 250 Ok 0 8
07/05/02 00:28:47 SMTP-OU 532 199.45.141.22 RCPT RCPT TO: <sandyt@frontier.net> 250 Ok 0 8
have settings set for "Authenticated Users Only"
MAIL MAIL FROM: <andpuhuaa@email.com> 250 Ok 0 8
07/05/02 00:28:47 SMTP-OU 532 199.45.141.22 RCPT RCPT TO: <sandyt@frontier.net> 250 Ok 0 8
-
Admin
- Site Admin
- Posts: 1127
- Joined: Mon Jun 10, 2002 6:31 pm
- Location: Melbourne, Victoria, Australia
Can you email the output from the Diagnostic utility to support@mailenable.com?
Make sure that the "Allow relay for privileged IP ranges" is not set. You might want to check these settings by clicking the Privileged IPs button. The option should be set to "By Default all computer will be: Denied relay rights".
Lastly, remember that if you have configured the domain under MailEnable, the relay settings do not have an effect. This is because mail being delivered to a local domain is not being "relayed" (i.e. sent out to the Internet again). Mail being sent to a domain you host does not need to be authenticated (otherwise mail servers could not send you email).
Make sure that the "Allow relay for privileged IP ranges" is not set. You might want to check these settings by clicking the Privileged IPs button. The option should be set to "By Default all computer will be: Denied relay rights".
Lastly, remember that if you have configured the domain under MailEnable, the relay settings do not have an effect. This is because mail being delivered to a local domain is not being "relayed" (i.e. sent out to the Internet again). Mail being sent to a domain you host does not need to be authenticated (otherwise mail servers could not send you email).
-
MailEnable
- Site Admin
- Posts: 4441
- Joined: Tue Jun 25, 2002 3:03 am
- Location: Melbourne, Victoria Australia
... further to this, the following article gives some insight into how relay requests are enumerated; and what you should look for in your debug log file.
http://www.mailenable.com/kb/viewarticle.asp?aid=34.
http://www.mailenable.com/kb/viewarticle.asp?aid=34.
