Fw: Open Relay Checker before Opening MTA

Daniel McNamara daniel at cit-linux.net
Sun Feb 10 11:05:16 EST 2002


Hi guys,

I'm just re-forwarding this as for some reason it does not seem to have made
it to the CLUG mailing list the first time round.

Cheers

Daniel



> Hi there,
>
> Due to a recent ugly incident where one of my work place mail servers was
> blacklisted for being an open relay (nothing major it was for some reason
> accepting null <> users to send mail bypassing IP range checks) I found out
> about a handy place called the Open Relay DataBase.
>
> http://www.ordb.org/
>
> This site allows you to test mail servers (yours or someone else's) and
> keeps records of who asked for what tests so if anyone wants full
> accountability as well. In my case the ORDB contacted us by email to let us
> know that one of our mail servers was a potential open relay and that this
> could lead to us being blacklisted by those who use the ORDB system for spam
> prevention. After firstly fixing the mistake with our mail server I went
> digging and have decided to use the ORDB system to try and prevent our users
> from receiving spam from known open relays. So far it has been relatively
> successful.
>
> The method for doing this is shown clearly in the site's FAQ:
>
> http://www.ordb.org/faq/#usage
>
> It contains instructions for a number of MTAs on how to use their system to
> prevent mail from known open relays. Handy stuff. Since this system is
> already in place you do not need to re-invent the wheel and as Richard has
> pointed out performing your own open relay tests is sitting on shaky legal
> grounds as well as possibly violating the AUP of your provider. I'd
> recommend using a well known system such as ORDB in order to show that you're
> doing it for spam prevention purposes NOT for spam propagation purposes.
>
> Hope this helps you out.
>
> Cheers
>
> Daniel
>
> ----- Original Message -----
> From: "Richard Cottrill" <richard_c at tpg.com.au>
> To: "Neil Symons" <neil at goldweb.com.au>; <linux at lists.samba.org>
> Sent: Sunday, February 10, 2002 2:21 AM
> Subject: RE: Open Relay Checker before Opening MTA
>
>
> > I'm wondering that you might open yourself to potential legal hassles by
> > attempting to (even test) if the other server is an open relay. If there
> > were a suitably motivated lawyer they might construe it as improper use of
> > facilities or some such thing. I'm also a little worried that if this were
> > to become a common practice that it might not scale too well. I suppose
> > you'd really need an awful lot of servers on board before that happened.
> >
> > Richard
> >
> > > -----Original Message-----
> > > From: linux-admin at lists.samba.org [mailto:linux-admin at lists.samba.org] On Behalf Of Neil Symons
> > > Sent: Saturday, February 09, 2002 1:59 PM
> > > To: linux at lists.samba.org
> > > Subject: Open Relay Checker before Opening MTA
> > >
> > >
> > >
> > >
> > > I wonder if there is already something like this out there before
> > > I write one myself.
> > >
> > >
> > > When a mail server connects to me, I check my local blacklist to
> > > see if server is listed as an open relay, if not, then check my
> > > goodlist, if not there then connect straight back at them and do
> > > an open relay test.
> > >
> > > If all successful, then accept connection and open real Mail
> > > Transport Agent (Mail server) and carry on through the e-mail.
> > > And add them to my Goodlist.
> > >
> > > If it is found to be open relay, then REJECT e-mail and also
> > > e-mail postmaster of domain about what happened.
> > > Add site to local blacklist.
> > >
> > > Once per day/week/month go through each blacklist and whitelist
> > > to check if open relay and adjust accordingly.
> > >
> > > Even though this may use up bandwidth, it will at least be less
> > > than the amount of junk mail received these days.
> > >
> > >
> > > Does anyone have any suggestions to whether this is a practical
> > > thing to do, or simply a stupid thing to do?
> > >
> > > Open for FLAME / SUGGESTIONS / POINTERS / DISCUSSION
> > >
> > > -- Neil
> > >
> > >
> > > --
> > > +----------------------------------------------------------+
> > > > Neil Symons <neil at goldweb.com.au>                        <
> > > > Goldweb Internet - (02) 62530059 BH  (0500) 528932 AH    <
> > > > ICQ / UIN: 5255597 |  http://www.goldweb.com.au/~neil/   <
> > > +----------------------------------------------------------+
> > >
> >
> >
>
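
Added example, not part of the original thread and not ORDB's or any poster's code: a Python sketch of the flow Neil describes (local blacklist, then goodlist), with the connect-back relay test replaced by a DNS blocklist lookup of the kind Daniel recommends relying on. The zone dnsbl.example, the function names and the sample addresses are assumptions made for illustration; the real zone and the MTA settings come from the list operator's documentation.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example"  # placeholder zone (assumption), not a real list


def dnsbl_name(ip, zone=DNSBL_ZONE):
    """Query name for an IPv4 address: octets reversed, zone appended."""
    addr = ipaddress.IPv4Address(ip)  # ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A record, None if the name does not exist (not listed)."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return None
        raise  # timeout or server failure: the caller must not guess


def check_sender(ip, blacklist, goodlist, resolve=system_resolver):
    """Return 'accept', 'reject' or 'defer' for a connecting server."""
    if ip in blacklist:          # step 1: local blacklist
        return "reject"
    if ip in goodlist:           # step 2: local goodlist
        return "accept"
    try:                         # step 3: ask the list instead of probing
        answer = resolve(dnsbl_name(ip))
    except OSError:
        return "defer"           # lookup failed: temporary failure, no caching
    if answer is None:
        goodlist.add(ip)
        return "accept"
    if answer.startswith("127."):  # listings answer inside 127.0.0.0/8
        blacklist.add(ip)
        return "reject"
    return "accept"              # unexpected answer: accept, do not cache


if __name__ == "__main__":
    # Constructed sample data: documentation-range addresses, stub resolver.
    listed = {"10.2.0.192.dnsbl.example": "127.0.0.2"}
    bl, gl = set(), set()
    for peer in ("192.0.2.10", "198.51.100.7", "192.0.2.10"):
        print(peer, check_sender(peer, bl, gl, listed.get))
```

The cached entries here never expire; the periodic pass Neil mentions would rerun the lookup for each cached address and move it between the two sets as the answer changes.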