grep filters to block open relay
glenn.steen at gmail.com
Fri Mar 24 16:35:35 GMT 2006
On 24/03/06, hermit921 <hermit921 at yahoo.com> wrote:
> At 04:31 PM 3/23/2006, Kai Schaetzl wrote:
> >Hermit921 wrote on Thu, 23 Mar 2006 14:28:23 -0800:
> > > They can't or won't configure Exchange to accept mail only if the
> > > recipient address is valid
> >AFAIK, Exchange *can* be configured to not be an open relay.
> > > user%ibm.com at sun.com
> >The relay tests don't work this way. They will try to send email with some
> >tricks to addresses that are not on your machine. This includes tricks
> >like the above. But accepting and dropping such a mail will possibly not
> >get you on such a list. Only if that mail is received in their spamtrap
> >then you qualify as an open relay, just accepting and not forwarding it is
> The actual address (slightly edited) used was
> "marvin at marvin.tester.org"@mydomain.com
> and that mail got returned to the sender at tester.org. Therefore it is an
> open relay.
> What the Exchange admins did (after they got listed as an open relay) is
> reject any message that matches some character pattern that would catch
> this email address.
> Don't ask me how silly this is - I feel like screaming.
> I just want to know if anyone else has ever heard of this type of filtering
> being done.
Only by idiots. Sorry, no better way to put it... And I strongly
suspect we all join in that sentiment... It's like curing an ailing
heart by removing it. Sigh.
Apart from the good laugh Steve gave you (yeah, I've peeked through
the thread:), the M-Sexchange settings he has should be a good start
for educating your exch-admins. That and a large blunt object (If you
live near Stockholm, I can loan you my LART... It's a very nice
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner