I believe the mail server associated with my domain name is acting as an open relay. Hosting company claims everything's good. How can I double-check?
I'm building a website to advertise my services as a freelance translator, and to that effect I recently bought a domain name and one year's worth of web hosting at a well-known hosting company. My website is not up yet, but I have now switched all my work-related e-mail to the address associated with my new domain name.
A few days ago, a couple of my clients reported that their spam filters had mistakenly filtered out some of my messages, which worried me enough that I decided to look into possible reasons. It was then that I discovered that the SMTP server provided by my hosting company is apparently accepting all
incoming connections without even requesting an username and password. I'm no expert in e-mail protocols, but if I'm not mistaken that's what's commonly called an open relay, which I understand is a very bad thing
I immediately contacted tech support at my hosting company about this. They insisted that everything is hunky-dory and referred me to this site
, which says my mail servers seem to be closed to relaying. I'm not convinced, though: right now, using PopCorn
(a lightweight e-mail client), I'm consistently able to send e-mail without an username or password and using whatever "From:" and "Reply-to:" address I care to give. Again, I'm not an expert, but this doesn't look right to me.
For the record, the SMTP server will take my username and password if I bother to give one - it just seems to send the e-mail just as well if I don't. If I try to login with SSL, Outlook does warn me that "The certificate's CN name doesn't match its passed value", but it behaves normally if I choose to ignore it.
Right now I'm quite concerned about my mail server being blacklisted, used to relay spam, used to spoof my e-mail address or any combination thereof. Could the networking experts in the Hive Mind confirm whether the symptoms I have described are indeed something to be concerned about?
If this is as worrying as I have so far assumed it is, what are my options apart from switching to a different hosting provider?
Thanks in advance everyone!