"Due to circumstances beyond our control, the ORBS website is no longer available. "
from orbs.org
-----Original Message-----
From: Gerardo Soto [mailto:gsoto@compu-redes.net.mx]
Sent: 22 June 2001 11:00
To: firewalls@pluto.gnac.com
Subject: Re: Need to Lock Down Mail Relay
Hello:
Check this web site, they do not ask to create an account and they
really test your mail server. Be prepare for it.
Regards,
On Thu, 21 Jun 2001, Alvin Oga wrote:
>
> hi lance.. et.al..
>
> i just went to http://www.abuse.net/relay.html
> - they wanted a login passwd etc..etc...
>
> so wound up doing the telnet stuff as shown... by you folks
>
> i'd like to add that the "telnet mail.foo.com 25"
> is the suspected open relay you are trying to test...
> - if its open... you wanna close it as its admin
> - if its open... as a spammer...you're a bad boy
> - its open if you dont get "relay denied"
>
> Another good url to use besides the abuse.net site...
>
> http://www.paladincorp.com.au/unix/spam/spamlart/
>
> Anyway... I've collected a few more urls for online open relay testing
>
> http://www.linux-sec.net/audit_tools.gwif.html#Relay
>
> have fun
> alvin
> http://www.Linux-Sec.net
>
> On Thu, 21 Jun 2001, Lance Ecklesdafer wrote:
>
> > What I try to do is connect to the server on port 25 and go through this
> > process.
> > (1) HELO INTRUDER.COM
> > <The server responds>
> > (2) MAIL FROM:someguy@intruder.com
> > <The server responds>
> > (3)RCPT TO: someguy@someotherdomain.com
> > <The server will give you an error if it will not accept relays. If it
> > accepts mail for a domain other than the domain it is servicing, then it is
> > open for a relay attack.>
> > If you want to continue your message then you can enter:
> > (4)DATA
> > <the server will tell you to enter data with only a "." on the last line>
> > (5)RSET
> > (6)QUIT
> >
> > That is basically what I do. Does anyone else have anything to add?
> >
> > Lance
> >
> >
> > ----- Original Message -----
> > From: "Gary Rose" <grose@wams.com>
> > To: <firewalls@lists.gnac.net>
> > Sent: Thursday, June 21, 2001 10:55 AM
> > Subject: Need to Lock Down Mail Relay
> >
> >
> > > What is the easiest way to test if a mail server has mail relay enabled
> > > other than pointing your email client at it? Can you telnet to port 25 and
> > > use SMTP commands? If so, what is the process?
> > >
> > >
> > > Thanks.
> > >
> > >
> > > -G
> > >
> > > _______________________________________________
> > > Firewalls mailing list
> > > Firewalls@lists.gnac.net
> > > http://lists.gnac.net/mailman/listinfo/firewalls
> >
> > _______________________________________________
> > Firewalls mailing list
> > Firewalls@lists.gnac.net
> > http://lists.gnac.net/mailman/listinfo/firewalls
> >
>
> _______________________________________________
> Firewalls mailing list
> Firewalls@lists.gnac.net
> http://lists.gnac.net/mailman/listinfo/firewalls
>
_______________________________________________
Firewalls mailing list
Firewalls@lists.gnac.net
http://lists.gnac.net/mailman/listinfo/firewalls