Testing my SMTP sever

reicherb

Platinum Member
Nov 22, 2000
2,122
0
0
Is there a good way to make sure that my SMTP server is not an open relay? I just had to open it up to allow an internal app to relay mail but want to make sure it's not wide open.

Thanks.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
connect from an external host and try to send mail through it. SMTP is extremely simple, all you have to do is telnet to the box on port 25 and issue a few commands to see if it lets you relay or not.
 

reicherb

Platinum Member
Nov 22, 2000
2,122
0
0
Here are the results that I get:

C:\>telnet domain.com
Connecting To domain.com...Could not open connection to the host,
on port 23: Connect failed

C:\>telnet domain.com:25
Connecting To domain.com:25...Could not open connection to the host,
on port 23: Connect failed

I tried hyperterminal and when the status dhow connected I could get nothing to display. After a few seconds I was disconnected.

I assume that means I'm good?
 

Kilrsat

Golden Member
Jul 16, 2001
1,072
0
0
Originally posted by: reicherb
Here are the results that I get:

C:\>telnet domain.com
Connecting To domain.com...Could not open connection to the host,
on port 23: Connect failed

C:\>telnet domain.com:25
Connecting To domain.com:25...Could not open connection to the host,
on port 23: Connect failed

I tried hyperterminal and when the status dhow connected I could get nothing to display. After a few seconds I was disconnected.

I assume that means I'm good?
You need to use this command:

"telnet domain.com 25"

Your two previous attempts were trying port 23, not port 25.

After that you need to use the correct SMTP commands to actually try and send a message. Which looks something like this:

"HELO"
"MAIL From: someone@somedomain.com"
"RCPT To: someotherperson@blahblah.com"
"DATA"
"From: someone@somedomain.com"
"To: someotherperson@blahblah.com"
"Subject: Test Message"
"This is the body of the message"
""
"."
"QUIT"

You'll want to play with various senders and recipients in order to see if when/if relaying is allowed.
 

reicherb

Platinum Member
Nov 22, 2000
2,122
0
0
I see connecting to domain quickly flash on the screen followed by a blinking cursor (I hit enter a few times and get nothing.) followed by being returned to a cmd prompt.

Good?
 

Need4Speed

Diamond Member
Dec 27, 1999
5,383
0
0
Originally posted by: reicherb
I see connecting to domain quickly flash on the screen followed by a blinking cursor (I hit enter a few times and get nothing.) followed by being returned to a cmd prompt.

Good?


once you get the blinking cursor, you are connected...start issuing your mail commands, youll see the output
 

abellamy

Junior Member
Oct 3, 2004
11
0
0
You can test here... http://www.abuse.net/relay.html

I would either:

1. Make sure it is correct - but SMTP servers are frequently exploited.

2. Block inbound port 25 (SMTP) on your firewall (assuming you do not need to receive mail back!)

3. Don't use local SMTP and get your app. to use an external mail relay - I do this from a PHP app. and use AuthSMTP as the mail relay.