Redhat – Sendmail Open Relay

Posted: May 25, 2010 in Redhat

The access database (normally in /etc/mail/access) lets a mail administrator control access to the mail server for individual domains. Each database entry consists of a domain name or network number as the key and an action as the value.

Keys can be a fully or partly qualified host or domain name such as host.subdomain.domain.com, subdomain.domain.com, or domain.com. The last two forms match any host or subdomain under the specified domain. (If FEATURE(relay_hosts_only) is set, only the first form works.) Keys can also be a network address or subnetwork, e.g., 205.199.2.250, 205.199.2, or 205.199. The latter two forms match any host in the indicated subnetwork. Lastly, keys can be user@host.domain to reject mail from a specific user.

Values can be REJECT to refuse connections from this host, DISCARD to accept the message but silently discard it (the sender will think it has been accepted), OK to allow access (overriding other built-in checks), RELAY to allow access including relaying SMTP through your machine, or an arbitrary message to reject the mail with the customized message.

For example, a database might contain:

cyberpromo.com REJECT
sendmail.org RELAY
spam@buyme.com 550 Spammers shan't see sunlight here

to reject all mail from any host in the cyberpromo.com domain, allow any relaying to or from any host in the sendmail.org domain, and reject mail from spam@buyme.com with a specific message.

Note that the access database is a map and just as with all maps, the database must be generated using makemap. For example:

makemap hash /etc/mail/access < /etc/mail/access
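The key and value rules described above can be modelled in a few lines, which is useful for checking what a given client would match before rebuilding the map. This is an added example, not sendmail's own code: the function names, the lookup order (sender, then host name, then IP) and the "broad RELAY" heuristic are assumptions of the example, and the fourth sample entry is constructed from the network key mentioned above.

```python
# Added example: simplified model of the access-map lookup described above.
# Not sendmail's code; function names and lookup order are assumptions.

SAMPLE_ACCESS = """\
# constructed sample: the three entries from the example, plus one network key
cyberpromo.com      REJECT
sendmail.org        RELAY
spam@buyme.com      550 Spammers shan't see sunlight here
205.199             RELAY
"""

def parse_access(text):
    """Return {key: value} from access-file text, skipping blanks and comments."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            table[parts[0].lower()] = parts[1].strip()
    return table

def candidates(sender, host, ip):
    """Keys to try, most specific first: user@host, host and parent domains, IP and prefixes."""
    keys = [sender.lower()] if sender else []
    labels = host.lower().split(".") if host else []
    keys += [".".join(labels[i:]) for i in range(len(labels))]
    octets = ip.split(".") if ip else []
    keys += [".".join(octets[:n]) for n in range(len(octets), 0, -1)]
    return keys

def lookup(table, sender=None, host=None, ip=None):
    """Return (key, value) of the first matching entry, or (None, None)."""
    for key in candidates(sender, host, ip):
        if key in table:
            return key, table[key]
    return None, None

def broad_relay_keys(table):
    """RELAY keys that are network prefixes of one or two octets (heuristic of this example)."""
    return [k for k, v in table.items()
            if v.upper() == "RELAY" and len(k.split(".")) <= 2
            and all(p.isdigit() for p in k.split("."))]

if __name__ == "__main__":
    t = parse_access(SAMPLE_ACCESS)
    print(lookup(t, host="mail.cyberpromo.com"))
    print(lookup(t, sender="spam@buyme.com", host="mx.buyme.com"))
    print(lookup(t, ip="205.199.2.250"))
    print("review these RELAY entries:", broad_relay_keys(t))
```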

Manually Check for Open Relay:

telnet 1.1.1.1 25

Server responds with: 220 mx.mydom.com SMTP
HELO

Server responds with: 250 OK
MAIL FROM:user@mydom.com

Server responds with: 250 Address Ok.
RCPT TO:user@otherdom.com

Server responds with: 250 user@otherdom.com OK
DATA

Server responds (or may not): 354 Enter Mail
Enter message, then on a new line,
.

exit

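The message should now be sent. By modifying the MAIL FROM and RCPT TO lines, you can test for open relay: if the server accepts a recipient in a domain it does not handle, from a client that has not been granted RELAY, it is relaying for anyone.

Open Relay Test from Web Site: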

http://spamlinks.net/prevent-secure-relay-test.htm
