Security Basics mailing list archives
Re: open proxy
From: Mel <rockchick () totalise co uk>
Date: Mon, 31 Mar 2003 19:12:09 +0100
I'm not familiar with Domino so configuration may be different, but when you set up your mail server, were you not prompted to enter details about relay hosts and relay targets? - ie. specifying which IP address(es) the mail server should receive mail from (usually ONLY your firewall) and which IP addresses it can send mail to (this can be any, or you can specify domains to which email should not be sent).
Blocking open ports will not necessarily stop your mail server being an open relay. Obviously the machine should be locked down anyway and have only port 25 open to decrease the chance of it being attacked, but you need to lock it down in its configuration. At the moment it sounds like it's accepting and routing on mail from any IP address, and thereby probably being used by hundreds of spammers who will be spoofing their IP address using yours instead, and getting your organisation blacklisted.
Here are some links for you to check out: http://www.ordb.org/ http://www.abuse.net/relay.html http://mail-abuse.org/rbl/relay.html http://www.openrelaycheck.com/ At 12:31 PM 3/30/2003 +0200, Joost Ernest wrote:
Hello all, I have a question regarding to "open proxy". We are using Domino server as our mail server in a w2k server environment. A week ago we started to receive a-mail from a Dutch ISP dat our mailserver has been listed in an Open Proxy Database. As a result of this we can't send e-mail at all... I have started to block some ports explicitly (135, 139, 443, 1080, etc..) I also read some articles about this subject in which was written that i should use Authentication for every user that wants tos end E-mail. I know how to configure this in Exchange but i don't know how i can arrange this with Domino server. Any suggestions en url's would be appreciated! Thanks! Joost Ernest The Netherlands ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfsbl1
------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
Current thread:
- Re: open proxy James P. Schmidt (Apr 01)
- <Possible follow-ups>
- Re: open proxy Mel (Apr 01)
- Re: open proxy Michael Osten (Apr 01)
- open proxy nee cee (Apr 01)
- Re: open proxy Anders Reed Mohn (Apr 01)
- Re: open proxy Devdas Bhagat (Apr 01)
- RE: open proxy J.P.A. Ernest (Apr 03)