Find the answer to your Linux question:
Results 1 to 4 of 4
I am running a postfix server. When I test open relay through some of the open relay web pages on the internet it reports "No open relay". But, I can ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2005
    Posts
    29

    Spam, PostFix, OPen Relay question


    I am running a postfix server. When I test open relay through some of the open relay web pages on the internet it reports "No open relay". But, I can telnet into the box and send mail to and from anywhere that I please.

    There is no security in place, like POP-BEFORE-SEND or anything like that. So how can I tell if this thing is open relay or not?

    Also, I have people with mail clients like outlook or are able to connect to postfix and send mail to anyone....

    I don't get it. It seems like open relay (which I do not want), but, open relay web programs are saying no.... What gives.

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,846
    You're able to log into your normal user account locally and send mail? How would you manage to send any email if you prevented this from happening?

    An open relay forwards email from other computers to other computers - provided your computer isn't passing mail on from just anywhere, but limits access to itself and to any computers on the local lan, then it's not an open relay.

    If you friends can log into their account on that computer and send mail normally, then the system is working fine for them.
    Linux user #126863 - see http://linuxcounter.net/

  3. #3
    Just Joined!
    Join Date
    Jan 2005
    Posts
    29
    Quote Originally Posted by Roxoff
    You're able to log into your normal user account locally and send mail? How would you manage to send any email if you prevented this from happening?

    An open relay forwards email from other computers to other computers - provided your computer isn't passing mail on from just anywhere, but limits access to itself and to any computers on the local lan, then it's not an open relay.

    If you friends can log into their account on that computer and send mail normally, then the system is working fine for them.
    That is what I am saying. I understand the local account part. But, like I some customers are able to connect with outlook (without any authrization) and send an email to anywhere on the internet + to users on the local box. If that is the case, then anyone can connect to the server with outlook and send email. Server is a spam hotbox - right?

    Is the mail client connecting and sending email regardless of authorization not the same as Open Relay?

  4. #4
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,846
    How can they connect? If they are using one of the service ports, can you not just close that port down on the external interface?

    I'm no expert on Postfix, I use sendmail, with which I've managed to completely lock my system down - the lan users can send email because it is verified by sender domain and machine IP address. Nobody else gets a look in. The only mail route through the firewall is on port 25, which is straight to my email server which only accepts email for my own domain, i.e it rejects relay attempts unless it can verify both the IP address and sender domain. People inside the lan can connect using imap or pop3 (at their own choice), because the server supports both, but there is no route through the firewall from the internet on those ports.
    Linux user #126863 - see http://linuxcounter.net/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •