Hi,
We have an SMTP relay setup on our Win 2003 server, which is also running
ISA 2004 as our corporate firewall. This relays mail to & from our backend
Exchange 2003 server.
I thought the SMTP relay was secure as I had configured it according to an
article on isaserver.org, however after running an open relay test
(
http://www.rbl.jp/svcheck.php) I found that out of the 19 tests, 3 were
accepted. This has me worried, that the server could be used as an open
relay! The tests that were accepted are below, how do I secure against these
types of relay? Ar ethey actually a threat? I see the only difference on
these tests compared to the others is the 'RCPT TO:' filed, in these 3 tests,
they are all mailformed, i.e. rlytest%rep.rbl.jp, rep.rbl.jp!rlytest and
"rlytest@rep.rbl.jp" (has quotes around)
Any help, advice, suggestions much appreciated!
Relay test 7
[quoted text, click to view] >>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM: <rlychk@hostX-X-X-X.in-addr.fast-hosts.com>
<<< 250 2.1.0 rlychk@hostX-X-X-X.in-addr.fast-hosts.com....Sender OK
>>> RCPT TO: <"rlytest@rep.rbl.jp">
<<< 250 2.1.5 "rlytest@rep.rbl.jp"@mxsvr
relay accepted!!
Relay test 8
[quoted text, click to view] >>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM: <rlychk@hostX-X-X-X.in-addr.fast-hosts.com>
<<< 250 2.1.0 rlychk@hostX-X-X-X.in-addr.fast-hosts.com....Sender OK
>>> RCPT TO: <"rlytest%rep.rbl.jp">
<<< 250 2.1.5 "rlytest%rep.rbl.jp"@mxsvr
relay accepted!!
[quoted text, click to view] >>> RSET
<<< 250 2.0.0 Resetting
>>> MAIL FROM: <rlychk@hostX-X-X-X.in-addr.fast-hosts.com>
<<< 250 2.1.0 rlychk@hostX-X-X-X.in-addr.fast-hosts.com....Sender OK
>>> RCPT TO: <rep.rbl.jp!rlytest>
<<< 250 2.1.5 rep.rbl.jp!rlytest@mxsvr
