On Tue, 15 Sep 1998, Bertold Kolics wrote:
> I don't think that it is so easy to detect an open mail relay. Even though
> an MTA can accept a mail, it does *NOT* mean that it will relay a given
> message.

One of the more interesting projects we thought about was to set up a mail
server which wouldn't be listed in any standard customer configuration,
and then use that to collect unauthorised mail relaying (since in theory
only those who looked for it would use it, not normal mail delivery).
Then, we could use the connecting MTA details for possible local RBL-style
relay control, and to collect the spam that they send for analysis.

One of the side-tricks was to allow any mail in from one domain back to
the same domain, so that if they were looking for an "open" relay they'd
find it - better for us to suck in the spam and discard it rather than let
them use some other relay elsewhere :-)

Of course, an RBL detection that used the mail relaying to themselves
would appear to get a positive "open relay" too ...
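
The policy sketched in the message above, as an added example that is not part of the original post: same-domain mail is accepted and discarded, and every connecting MTA is counted for a local RBL-style list. Refusing all other mail, the session record layout and the threshold parameter are assumptions made here, and the sessions are constructed samples.

```python
from collections import Counter

def domain(addr):
    """Return the lower-cased domain part of an SMTP envelope address."""
    return addr.strip("<> ").rpartition("@")[2].lower()

def decide(mail_from, rcpt_to):
    """Honeypot policy. The host is in no customer configuration, so nothing
    is local and every delivery attempt is unsolicited.
    'sink'   = accept, then discard (sender domain == recipient domain)
    'reject' = refuse the relay (assumption: the post does not say)"""
    d_from, d_to = domain(mail_from), domain(rcpt_to)
    if d_from and d_from == d_to:
        return "sink"
    return "reject"

def report(sessions):
    """Pair each connecting MTA with the verdict it was given."""
    return [(s["peer"], decide(s["mail_from"], s["rcpt_to"])) for s in sessions]

def local_blocklist(sessions, threshold=1):
    """Connecting MTAs seen at least `threshold` times, sorted.
    Every hit counts, whatever the verdict, since no legitimate mail
    should reach this host at all."""
    hits = Counter(s["peer"] for s in sessions)
    return sorted(ip for ip, n in hits.items() if n >= threshold)

# Constructed sample sessions (documentation address ranges, not real traffic).
SESSIONS = [
    {"peer": "192.0.2.10", "mail_from": "<a@example.com>", "rcpt_to": "<b@example.com>"},
    {"peer": "192.0.2.10", "mail_from": "<a@example.com>", "rcpt_to": "<c@example.net>"},
    # A relay tester mailing itself: it is sunk too, so it sees an "open" relay.
    {"peer": "198.51.100.7", "mail_from": "<probe@example.org>", "rcpt_to": "<probe@EXAMPLE.ORG>"},
]

if __name__ == "__main__":
    for peer, verdict in report(SESSIONS):
        print(peer, verdict)
    print("blocklist:", local_blocklist(SESSIONS, threshold=2))
```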

