Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Eircom Testing Open Relaysh

  • 18-08-2004 6:56am
    #1
    Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭


    Hi All,

    As usual, I checked my logs this morning. As usual, there were the expected "Relaying Denied" warnings from Sendmail as the spammers test my server.

    This morning, however, was different. The same IP Address (159.134.118.145) tried 20 times with a destination email address at eircom.net. This was a little unusual so rather than simply deleting the log report I looked up the IP Address. It resolves to openrelaytester.eircom.net.

    It looks like Eircom are doing some proactive work to prevent spam and I have to applaud them for that.

    Regards,

    Liam


Comments

  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    Are you an Eircom user?
    I would presume that you are if they are doing these kind of checks against their own subscribers.
    Could you confirm that?


  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    Sorry, I omitted that very salient piece of information from my original post. Yes, I am an Eircom DSL user.

    I don't know what they'll actually do if they find an open relay. Contact the owner? Block SMTP traffic from that IP? Whatever their intentions, it does show that they're aware of the problem.

    Regards,

    Liam


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    I would hope that they would block SMTP traffic at least until the problem was resolved.
    It would be interesting to see if this is a new Eircom policy, as a lot of their netblocks have been ending up in Spamhaus over the last few months.


  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    Another 75 hits in this morning's log report. I don't mind them testing for an open relay but it's good manners to ask before hammering my box with tests. How many times do they need to test anyway? I reckon it's their system that they're testing.

    Anyway, I had a look at their policy. Relevant section reprinted below .....


    2.6 Some Customers administer their own mail servers to send and receive email across eircom net systems. These mail servers can potentially be used by third parties to send spam and other unsolicited email. To protect against this abuse all mail servers must be configured as "closed relays".

    2.6.1 Customers are responsible for ensuring that their mail servers are not acting as open relays.

    2.6.2 eircom net reserve the right to test the status of mail servers for open relays.

    2.6.3 Customers whose mail servers are acting as open relays will be required to reconfigure them as closed relays.

    2.6.4 eircom net reserves the right to suspend and/or terminate service where a Customer fails to close an open relay.

    2.6.5 eircom net reserves the right to suspend service immediately and without prior notice where the Customer's mail server is actively being used to send unsolicited email (including spam).


  • Posts: 3,620 ✭✭✭ [Deleted User]


    Every service provider should block port 25 out bound. If this were done the amount of spam zombies would be cut hugely. There is very little reason for this to port to be open outbound for the majority of internet users. Even if you host your own mail server you can use the ISP's SMTP server to send email.

    Perhaps have an option for advanced users who know what they are doing to open up the port.


  • Advertisement
  • Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    I suggested that on a mailing list about 3 or 4 years ago and the whinge factor was amazing. Mind you, I think one of the more valid complaints was business people wandering from site to site with the same outbound mail settings. Hopefully that demographic is moving more and more to using VPNs nowadays.


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    Educating users is the real key in all this. There are far too many small businesses out there "running" mail servers that are badly configured or not patched. In many cases where the mail server is "seen" to be the cause of the spam the business is using NAT and somebody has brought in an infected laptop!!


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    ronoc wrote:
    Every service provider should block port 25 out bound. If this were done the amount of spam zombies would be cut hugely. There is very little reason for this to port to be open outbound for the majority of internet users. Even if you host your own mail server you can use the ISP's SMTP server to send email.
    You won't be allowed to send mail from multiple addresses though. I use my own SMTP Server to send mail from different addresses. If this was blocked, I'd only be able to send mail from me@ntlworld.com, which is obviously undesirable.

    I agree though with blocking it, but allowing people to request that it be unblocked, if this was workable.


  • Posts: 3,620 ✭✭✭ [Deleted User]


    I havn't used my providers mail in quite a while (indigo) but I recall being able to send it from any address I liked. For convience I used the same SMTP server for all my accounts. Has this changed?


  • Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    That's usually how it works. I've seen setups where it forces the sender name to the "correct" one but only when sending from a local shell.


  • Advertisement
Advertisement