grep filters to block open relay

hermit921 hermit921 at
Thu Mar 23 22:44:09 GMT 2006

At 02:33 PM 3/23/2006, John Jolet wrote:

>On Mar 23, 2006, at 4:28 PM, hermit921 wrote:
>>My company put in an Exchange server, which got listed as an open
>>relay.  They can't or won't configure Exchange to accept mail only
>>if the recipient address is valid, and they won't put MailScanner
>>in front of Exchange to do that.  Please accept this, don't
>>comment, move on.
>>To block open relay functionality, they put pattern matching into
>>place, so destination email addresses such as the ones used by
>> are rejected.  I had never heard of this
>>approach before.  It blocks some legitimate email, of course.  Is
>>this a common practice, or even a rare practice?  Any background
>>information is appreciated.
>I know you can't "fix" the might mention to them that
>blocking relay REPORTING addresses might keep them off the black
>list, but WON'T stop the spammers looking for open relays...and that
>the legal liability of having that stuff contain THEIR headers is
>significant.  especially since the've been notified and KNOW they are
>running an open relay.  I would think whoever the compliance officer
>is would want to know about that......
>on topic, that method is going to not be common practice as most of
>US would prefer to fix the underlying problem, as opposed to putting
>polarized lenses on it.

They are not blocking reporting addresses, they are blocking email 
addresses in the format used to test an open relay.  For instance, to block at they might block anything with a % character followed 
by an @ character, with any character allowed in the three other spots.  I 
don't know if this example is accurate, but you get the general idea.


More information about the MailScanner mailing list