Qmail and an open relay
September 9, 2005 7:11 AM Subscribe
*Qmail* - I have a server that seems to be having a spamming issue. It's a Plesk/linux box. I'm not convinced that one of the accounts on the server is directly responsible. So I ran a test looking for open relays. I seem to have found one.
I ran the following command:
telnet relay-test.mail-abuse.org
The test stopped on the following test:
:Relay test: #Test 8
>>> mail from: [spamtest@mydomain.com]
< 250 ok>>> rcpt to: [nobody%mail-abuse.org@mydomain.com]
< 250 ok>>> QUIT
<<< 221 mydomain.com
Tested host banner: 220 mydomain.com ESMTP
System appeared to accept 1 relay attempts
Connection closed by foreign host.
I've replace the actual hostname of the server with 'mydomain.com' for privacy's sake. Can anyone decipher what that result is actually telling me? Bonus points for how to fix it.
I ran the following command:
telnet relay-test.mail-abuse.org
The test stopped on the following test:
:Relay test: #Test 8
>>> mail from: [spamtest@mydomain.com]
< 250 ok>>> rcpt to: [nobody%mail-abuse.org@mydomain.com]
< 250 ok>>> QUIT
<<< 221 mydomain.com
Tested host banner: 220 mydomain.com ESMTP
System appeared to accept 1 relay attempts
Connection closed by foreign host.
I've replace the actual hostname of the server with 'mydomain.com' for privacy's sake. Can anyone decipher what that result is actually telling me? Bonus points for how to fix it.
If you are hosting sites for other people (as suggested by the fact that you're running Plesk) and are investigating abuse reports, then it's far more likely that a client installed a flawed CGI that can be used to send spam. A lot of the really old and poorly coded "send me feedback" type CGI scripts from the dark ages of the WWW did not do proper input validation and could be used to send mass email.
posted by Rhomboid at 10:52 AM on September 9, 2005
posted by Rhomboid at 10:52 AM on September 9, 2005
This thread is closed to new comments.
posted by mendel at 7:34 AM on September 9, 2005