grep filters to block open relay

John Jolet john at jolet.net
Thu Mar 23 22:33:04 GMT 2006


On Mar 23, 2006, at 4:28 PM, hermit921 wrote:

> My company put in an Exchange server, which got listed as an open  
> relay.  They can't or won't configure Exchange to accept mail only  
> if the recipient address is valid, and they won't put MailScanner  
> in front of Exchange to do that.  Please accept this, don't  
> comment, move on.
>
> To block open relay functionality, they put pattern matching into  
> place, so destination email addresses such as the ones used by  
> relay-test.mail-abuse.org are rejected.  I had never heard of this  
> approach before.  It blocks some legitimate email, of course.  Is  
> this a common practice, or even a rare practice?  Any background  
> information is appreciated.
>
> hermit921
I know you can't "fix" the problem....you might mention to them that  
blocking relay REPORTING addresses might keep them off the black  
list, but WON'T stop the spammers looking for open relays...and that  
the legal liability of having that stuff contain THEIR headers is  
significant.  especially since the've been notified and KNOW they are  
running an open relay.  I would think whoever the compliance officer  
is would want to know about that......

on topic, that method is going to not be common practice as most of  
US would prefer to fix the underlying problem, as opposed to putting  
polarized lenses on it.



More information about the MailScanner mailing list