邮件服务器-邮件系统-邮件技术论坛(BBS)

标题: Exchange2000(sp3)在默认设置下存在open relay? [打印本页]

作者: wyl_xp 时间: 2006-4-7 11:05
标题: Exchange2000(sp3)在默认设置下存在open relay?
最近被IDC通知公司邮件服务器存在open relay,具体构架如下: win2000ADV+exchang2000(sp3)+scanmail,通过防火墙映射端口发布SMTP,POP3端口,Smtp的access连接按默认,按常理来说应该是没有open realy,但事实上测试如下: 
 第8个测试在没有认证的情况中继了,手工测试第6个竟然也是成功中继了. 
现在公司分布于全国,不可能关掉SMTP,也需要接收外部邮件,现在又不能购买防垃圾网关,请问各们大侠,如何短期内有办法修正open relay的问题? 谢谢啦. 
 
 
Mail relay testing 
 
Connecting to xxx.xxx.xxx.xxx for anonymous test ... 
 
<<< 220 email.sample.com sample Mail Server Thu, 6 Apr 2006 17:12:23 +0800 
>>> HELO www.abuse.net 
<<< 250 email.sample.com Hello [208.31.42.77] 
 
Relay test 1 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@abuse.net> 
<<< 250 2.1.0 spamtest@abuse.net....Sender OK 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 5.7.1 Unable to relay for securitytest@abuse.net 
 
Relay test 2 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest> 
<<< 250 2.1.0 spamtest@sample.com....Sender OK 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 5.7.1 Unable to relay for securitytest@abuse.net 
 
Relay test 3 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<> 
<<< 250 2.1.0 <>....Sender OK 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 5.7.1 Unable to relay for securitytest@abuse.net 
 
Relay test 4 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@[xxx.xxx.xxx.xxx]> 
<<< 250 2.1.0 spamtest@[xxx.xxx.xxx.xxx]....Sender OK 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 5.7.1 Unable to relay for securitytest@abuse.net 
 
Relay test 5 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@> 
<<< 501 5.5.4 Invalid Address 
 
Relay test 6 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@[xxx.xxx.xxx.xxx]> 
<<< 250 2.1.0 spamtest@[xxx.xxx.xxx.xxx]....Sender OK 
>>> RCPT TO:<securitytest%abuse.net@[xxx.xxx.xxx.xxx]> 
<<< 550 5.7.1 Unable to relay for securitytest%abuse.net@[xxx.xxx.xxx.xxx] 
 
Relay test 7 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@[xxx.xxx.xxx.xxx]> 
<<< 250 2.1.0 spamtest@[xxx.xxx.xxx.xxx]....Sender OK 
>>> RCPT TO:<securitytest%abuse.net@> 
<<< 501 5.5.4 Invalid Address 
 
Relay test 8 
 
>>> RSET 
<<< 250 2.0.0 Resetting 
>>> MAIL FROM:<spamtest@[xxx.xxx.xxx.xxx]> 
<<< 250 2.1.0 spamtest@[xxx.xxx.xxx.xxx]....Sender OK 
>>> RCPT TO:<"securitytest@abuse.net"> 
<<< 250 2.1.5 "securitytest@abuse.net"@sample.com 
 
Relay test result 
 
Hmmn, at first glance, host appeared to accept a message for relay. 
 
THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY 
 
<img src="../leadbbsfile/UBBicon/em11.GIF" width=20 height=20 align=absmiddle border=0>

作者: wyl_xp 时间: 2006-4-7 12:18
标题: re:其实此问题与这贴子的问题基本相同的....
其实此问题与这贴子的问题基本相同的. 
<a target=_blank href=../Announce/Announce.asp?BoardID=35&ID=849>../Announce/Announce.asp?BoardID=35&ID=849</a>

作者: wyl_xp 时间: 2006-4-7 12:19
标题: re:其实此问题与这下面贴子问题基本相同的....
其实此问题与这下面贴子问题基本相同的. 
<a target=_blank href=../Announce/Announce.asp?BoardID=35&ID=849>../Announce/Announce.asp?BoardID=35&ID=849</a>

作者: wyl_xp 时间: 2006-4-7 13:31
标题: re:大家试一下用http://www.abu...
大家试一下用<a target=_blank href=http://www.abuse.net/cgi-bin/relaytest>http://www.abuse.net/cgi-bin/relaytest</a>来测一下. 我朋友的Mdaemon测试就没有open relay问题. 下面是测试结果: Mail relay testing 
Connecting to friend-test.com for anonymous test ... 
<<< 220 friend-test.com MessageSoft SMG ESMTP Service Ready 
>>> HELO www.abuse.net 
<<< 250 friend-test.com Hello www.abuse.net, pleased to meet you 
 
 
Relay test 1 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@abuse.net> 
<<< 250 <spamtest@abuse.net>, Sender ok 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 <securitytest@abuse.net>, Recipient unknown 
 
Relay test 2 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 3 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<> 
<<< 250 <>, Sender ok 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 <securitytest@abuse.net>, Recipient unknown 
 
Relay test 4 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 5 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@[xxx.xxx.xxx.xxx]> 
<<< 250 <spamtest@[xxx.xxx.xxx.xxx]>, Sender ok 
>>> RCPT TO:<securitytest@abuse.net> 
<<< 550 <securitytest@abuse.net>, Recipient unknown 
 
Relay test 6 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 7 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 8 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 9 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 10 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 11 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 12 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 13 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 14 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 15 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 16 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test 17 
>>> RSET 
<<< 250 RSET? Well, ok. 
>>> MAIL FROM:<spamtest@friend-test.com> 
<<< 550 <spamtest@friend-test.com>, Sender unknown 
 
Relay test result 
All tests performed, no relays accepted.

作者: khbd2k6 时间: 2006-4-13 13:24
标题: re:2000？还是升级到2003吧。
2000？还是升级到2003吧。

作者: wyl_xp 时间: 2006-4-13 21:59
标题: re:呵呵! 有点落后了呀.没出问题...
呵呵! 有点落后了呀.没出问题,上面一直不让动,就一直没有升级exchange,现在赶紧着这几天升级到exchange2003.

作者: wuhu297 时间: 2007-8-9 13:30
标题: 回复 #6 wyl_xp 的帖子
升级要钱的哟。

欢迎光临邮件服务器-邮件系统-邮件技术论坛(BBS) (http://5dmail.net/bbs/)