Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Exchange server being used for spam?

To: [email protected]
Subject: Re: [FW-1] Exchange server being used for spam?
From: Yves Belle-Isle <[email protected]>
Date: Tue, 6 Nov 2001 19:36:20 -0500
Comments: cc: [email protected]
Organization: Sogi Informatique Ltee
References: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

i just tried to relay an email to myself via your exchange server
and it denied smtp relaying. But i attempted the simplest form
of mail relaying.

What you can do is the following from your exchange server:

Telnet to relay-test.mail-abuse.org to the normal telnet port.
It will try 19 way to do mail relay true your exchange server and
give you the status in the telnet windows as it does.

If it finally say your exchange server doesn't accept to relay mail
you can be almost sure it never accept to relay mail...

In the case of my own mail server it give me output like this
(It's just one part of the output)

Telnet relay-test.mail-abuse.org

Connecting to 205.236.42.1 ...
<<< 220 YOU ARE MONITORED, UNAUTHORIZED ACCESS PROHIBITED
>>> HELO cygnus.mail-abuse.org
<<< 250 Hello cygnus.mail-abuse.org, pleased to meet you
:Relay test: #Quote test
>>> mail from: <[email protected]>
<<< 250  <[email protected].... Sender ok
>>> rcpt to: <"[email protected]">
<<< 554 Mailbox unavailable.
>>> rset
<<< 221 Closing connection

[Skip most test]

<<< 220 YOU ARE MONITORED, UNAUTHORIZED ACCESS PROHIBITED
>>> HELO cygnus.mail-abuse.org
<<< 250 Hello cygnus.mail-abuse.org, pleased to meet you
:Relay test: #test 19
>>> mail from: <[email protected]>
<<< 250  <[email protected]... Sender ok
>>> rcpt to: <[email protected]>
<<< 554 Mailbox unavailable.
>>> rset
<<< 221 Closing connection
>>> QUIT

Tested host banner: 220 YOU ARE MONITORED, UNAUTHORIZED ACCESS PROHIBITE
D
System appeared to reject relay attempts

Yves Belle-Isle
----- Original Message ----- >
> At 12:51 PM 11/6/01 -0800, you wrote:
> >I think my Exchange Server is still being used for spamming again. I turned
> >off mail relaying from following the steps in this article.  However, when I
> >look through my FW logs, I see outside IP's accessing the mail server using
> >the smtp service. I did a reverse lookup on some of the IP's and they return
> >this:

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- Re: [FW-1] Exchange server being used for spam?
  - From: "Robert C. Wessel" <[email protected]>

Prev by Date: Re: [FW-1] Exchange server being used for spam?
Next by Date: [FW-1] SMTP Security server problem? Connection to final MTA failed.
Previous by thread: Re: [FW-1] Exchange server being used for spam?
Next by thread: Re: [FW-1] Exchange server being used for spam?
Index(es):
- Date
- Thread