An Open Relay is an SMTP server that allows 3rd party relay of e-mail messages. By processing mail that is neither for nor from a local user, an open relay makes it possible for an unscrupulous sender to route large volumes of unsolicited emails. While they are a large number of online tools that would verify if your mail server is an open relay, for those that prefer testing this manually, this can be done by establishing a telnet connection on port 25 and trying to send a message, without authentication:
# telnet 85.204.103.34 25
Trying 85.204.103.34…
Connected to 85.204.103.34.
Escape character is ‘^]’.
220 server.auxell.ro
helo client.auxell.ro
250 server.auxell.ro
mail from: dragos.fedorovici@google.com
250 2.1.0 Ok
rcpt to: dragos.fedorovici@gmail.com
554 5.7.1: Relay access denied
If you are receiving a similar message then you’re mail server is secured (at list from this point of view). I will detail below the commands that are used in the above example:
helo – the client sends this command to the SMTP server to identify itself and initiate the SMTP conversation. The domain name or IP address of the SMTP client is usually sent as an argument together with the command (e.g. “HELO client.example.com”). If a domain name is used as an argument with the HELO command, it must be a fully qualified domain name.
mail from – specifies the e-mail address of the sender. This command also tells the SMTP server that a new mail transaction is started. If the senders e-mail address is accepted the server will reply with the 250 OK code.
rcpt to – specifies the e-mail address of the recipient. This command can be repeated multiple times for a given e-mail message in order to deliver a single e-mail message to multiple recipients.
