EMail Server Relay Check: Difference between revisions
m (→Overview) |
m (→Usage) |
||
Line 40: | Line 40: | ||
== Usage == | == Usage == | ||
The Relay Check tool is designed to be very easy to use. Type the hostname or IP address of the target server into the box and hit enter. You | The Relay Check tool is designed to be very easy to use. Type the hostname or IP address of the target server into the box and hit enter. You will immediately see diagnostic information on the output page: | ||
* If the target server is accepting connections on port 25 (SMTP) you will see output of three SMTP transactions. | |||
* if the server is an open relay, you will receive a test message sent to your email inbox. | |||
* if the server is delivering bounce messages outside its internal organization, you will receive a bounce message for analysis. | |||
* If the IP address is blacklisted on public Internet blacklists, that information will be shown with a link to verify blacklisting at mxtoolbox.com. | |||
* If you choose to check for open relay plus portscan, the server will be tested for public-facing open NETBIOS ports. | |||
'''(this documentation is currently under development)''' | '''(this documentation is currently under development)''' |
Revision as of 23:57, 21 March 2011
Overview
The eMail Server Relay Check Tool is a simple security tool designed for testing email servers for signs of misconfiguration. It should be useful for ISPs and server administrators performing security audits on their networks. Instead of having to visit three or four separate web pages, you will get a lot of information with one click.
The tool checks for the following:
- SMTP banner - reverse DNS mismatch
- Open Relay
- Bounce Messages or Non-Delivery Reports (NRS's)
- Listings on DNS-based Realtime Blacklists
- Optional NETBIOS port scan
You can access the eMail Server Relay Check page by selecting
NSTWUI > Network > email > eMail Server Relay Check
Configuration
The config file for Relay Check is /usr/share/relaycheck/cgi-bin/relaycheck.conf. Values need to stay in single quotes.
In order for the tool to work correctly, you will need to change the default email to your own email address.
my email address = 'change-me@some.domain.com'
Change this to your actual email address, it is where test messages will be sent.
You can also change server timeout values.
Enter your preferred timeout value in seconds for an initial connection to the target server. Default value is 5 seconds.
initial timeout = '5'
Enter your preferred timeout value for individual SMTP commands EHLO, MAIL FROM, RCPT TO, etc. Default value is 3 seconds, which may be too short. This value may need to be changed to '20' in order to accommodate most servers. Default timeout values are being tested and will be changed in a future revision.
individual smtp command timeouts = '3'
Usage
The Relay Check tool is designed to be very easy to use. Type the hostname or IP address of the target server into the box and hit enter. You will immediately see diagnostic information on the output page:
- If the target server is accepting connections on port 25 (SMTP) you will see output of three SMTP transactions.
- if the server is an open relay, you will receive a test message sent to your email inbox.
- if the server is delivering bounce messages outside its internal organization, you will receive a bounce message for analysis.
- If the IP address is blacklisted on public Internet blacklists, that information will be shown with a link to verify blacklisting at mxtoolbox.com.
- If you choose to check for open relay plus portscan, the server will be tested for public-facing open NETBIOS ports.
(this documentation is currently under development)