How to Fix an Open Relay

According to spamhelp.org, an open relay is “a mail server that does not verify that it is authorised to send mail from the email address that a user is trying to send from. Therefore, users would be able to send email originating from any third-party email address they want.”

Using an open relay, someone could use your domain name to send emails from falsified accounts. It gives spammers a way to send spam while ensuring they are neither identified nor blocked from sending future spam messages. Sophisticated spammers may even have software that hunts for open relays and creates false email accounts to match those of the victimized server.

By using the tools at spamhelp.org, you can determine whether you actually have an open relay. If you do, you can secure a mail server such as Postfix by setting proper authentication protocols. In Postfix, open the configuration file, which is usually found at /etc/mail/main.cf, and edit the following lines to appear as follows:

smtpd_helo_required = yes
smtpd_delay_reject = no
disable_vrfy_command = yes

smtpd_helo_restrictions = permit_mynetworks,
    reject_invalid_hostname,
    reject_unknown_hostname,
    reject_non_fqdn_hostname

These settings will force incoming requests to pause and identify themselves before accessing the SMTP server. Authenticated users will be allowed to pass through and send mail. To complete the configuration changes, restart Postfix:

/etc/init.d/postfix restart
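
To confirm that the edited file really carries the settings listed above, the following added example (not part of the original article and not Postfix's own code) parses main.cf text and reports any listed setting that is missing or different. It also rejects a continuation line that has lost its leading whitespace, since main.cf only joins a line to the previous parameter when it starts with whitespace. The names parse_main_cf, audit and SAMPLE are hypothetical, and the sample input is constructed.

```python
import re

# Expected values are the article's; the function names are this example's own.
EXPECTED = {"smtpd_helo_required": "yes", "smtpd_delay_reject": "no",
            "disable_vrfy_command": "yes"}
EXPECTED_HELO = ["permit_mynetworks", "reject_invalid_hostname",
                 "reject_unknown_hostname", "reject_non_fqdn_hostname"]

def parse_main_cf(text):
    """Return {name: value}. Blank and '#' lines are skipped, a line starting
    with whitespace continues the previous parameter, the last definition wins."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t":
            if current is None:
                raise ValueError(f"continuation with no parameter: {raw!r}")
            params[current] = (params[current] + " " + raw.strip()).strip()
            continue
        name, sep, value = raw.partition("=")
        if not sep:
            raise ValueError(f"not a 'name = value' line: {raw!r}")
        current = name.strip()
        params[current] = value.strip()
    return params

def audit(text):
    """Return findings; an empty list means every listed setting is present."""
    params = parse_main_cf(text)
    findings = [f"{k}: expected {v!r}, found {params.get(k)!r}"
                for k, v in EXPECTED.items() if params.get(k) != v]
    helo = re.findall(r"[^,\s]+", params.get("smtpd_helo_restrictions", ""))
    missing = [r for r in EXPECTED_HELO if r not in helo]
    if missing:
        findings.append("smtpd_helo_restrictions missing: " + ", ".join(missing))
    return findings

# Constructed sample input, not taken from a real server.
SAMPLE = """\
smtpd_helo_required = yes
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_delay_reject = no
"""
if __name__ == "__main__":
    print(audit(SAMPLE) or "all listed settings present")
```

To check a live file, pass its contents to audit(), for example audit(open(path).read()) with path set to your main.cf.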

Open relays should be disabled in Postfix by default. If that is not the case on your server, you should either check with the company or operating system that configured it, or investigate your server for possible intrusions.










