At 04:01 PM 10/9/2002, Chris W. Parker wrote: >not that i have anything to ask right at the moment, but would you mind >if i contacted you directly if i'm in need sometime in the future? or >should i just post to the list? Posting to the list is your best method of getting an answer quickly, if necessary. >a few months ago (thanks to my negligence and inexperience) we had our >website being used as an open relay. > >anything that i can use/do to verify that the relay is actually closed? What SMTP Service are you using? e.g. MS? qMail? SendMail? And what platform? MS? *NIX? Some SMTP Services will accept "anything" but not deliver the message making it look like it's open when it's not. What you have seen might be from relay probes. You can test your openness via tools like these: http://www.paladincorp.com.au/unix/spam/spamlart/ http://njabl.org/method.html # Requested testing: * If you would like your server tested, use telnet to connect to port 2500 on rt.njabl.org from the server you want tested. Your server will be tested and you will see the results of the test as it is run. Note: If you are not sure how your system was used as an open relay, you can telnet as instructed above and the SMTP conversation will display in real time as your system is (re)tested, demonstrating the combination of to/from addresses which result in your system acting as an open relay. http://www.openrelaycheck.com/orc/checker.asp http://eyeonsecurity.org//tools/relay.html -- Anthony Baratta President Keyboard Jockeys "Conformity is the refuge of the unimaginative."