Dear All
Best remedy is to enable smtp authentication on the server
1. This will allow the local users to send the mail after authentication the sender id
2. In case the server is live MX, it will also recv the mail from outside or internet only for that domain which is configured in this case COPSTOP
Thanks & Regards
Ming --- BIJU KRISHNAN bijucyborg@yahoo.com wrote:
Hi All,
Could you pls analyze the following transcript of my session with a remote server and help me judge whether the server is in some sense an open relay...One thing abt the server is that it passes all anonymous relaying tests.....but what if i know two contacts on the same server..
[root@bijucyborg root]# telnet 2XX.1XX.XXX.XX 25 Trying 2XX.1XX.XXX.XX... Connected to 2XX.1XX.XXX.XX. Escape character is '^]'. 220 COPSTOP.com ESMTP ehlo popa 250- COPSTOP 250-PIPELINING 250 8BITMIME mail from:xyz@COPSTOP 250 ok rcpt to:abc@COPSTOP.com 250 ok data 354 go ahead we went to school together . 250 ok 1099213953 qp 10543 quit 221 COPSTOP.com Connection closed by foreign host.
------------------------------------------------------
As I have observed the server accepts message from xyz@COPSTOP to abc@COPSTOP.
- xyz and abc are two valid users on the system.
- This session was carried from a random machine on
the internet.
If this is dangerous....assuming that i'am using sendmail, could u pls suggest a technique to stop this.
bye rgds
biju
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
__________________________________ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail