[Dshield] Exchange Open Relay

Willy, Andrew AWilly at eSMIL.net
Wed Feb 22 20:15:03 GMT 2006


See:
http://www.microsoft.com/technet/security/prodtech/exchangeserver/excrelay.m
spx

For information on disabling / modifying SMTP relay in MS Exchange 5.5 or
2000.

See:

http://www.abuse.net/relay.html

For a tool to test if your server is an open relay. Perhaps positive results
from such a site will encourage your admin to investigate.

Andrew

-----Original Message-----
From: Arthur Neville [mailto:ajnevman at yahoo.com]
Sent: Wednesday, February 22, 2006 12:53 PM
To: list at lists.dshield.org
Subject: [Dshield] Exchange Open Relay


Greetings
  Q:
  I posted before about how my domain is being whacked by Spam and how some
users are contsantly getting hammered
  I checked our public facing email server to see if its an Open Relay....
  I was able to telnet into 25 and send mail from the outside hmmmmm
  We use an intranet and within that intranet there is windows integrated
authenticated, we are using Outlook Web Access and Outlook Mobile Access for
our smartphones
   
  I heard one of the WinAdmins speak about needing SMTP to communicate
between the servers and that there are no open relay's.... duhhhh guess what
  I went to one of the sites that checks the site to see if it is on any
DNSBNL's and voila we are on about 50 dnsbl's on the net.....
  Does that mean we have someone using our server as an open relay ???
  Or we have someone who has some bots on his box or boxes....
   
  In any event....thats the scoopla, I am well versed in the art of reading
so if you have some links or info that would be helpful that would be kewl
  thanks
  art
   

		
NOTICE OF CONFIDENTIALITY-The information in this email, including
attachments, may be confidential and/or privileged and may contain
confidential health information. This email is intended to be reviewed only
by the individual or organization named as addressee. If you have received
this email in error please notify Scottsdale Medical Imaging, an affiliate
of Southwest Diagnostic Imaging, LTD immediately - by return message to the
sender or to support at esmil.com - and destroy all copies of this message and
any attachments. Please note that any views or opinions presented in this
email are solely those of the author and do not necessarily represent those
of Scottsdale Medical Imaging. Confidential health information is protected
by state and federal law, including, but not limited to, the Health
Insurance Portability and Accountability Act of 1996 and related
regulations.


More information about the list mailing list