I sent this to the group last night, but it doesn't seem to have gone through. My apologies if this is a duplicate:
If anyone out there is using SARA (http://www-arc.com/sara/sara.html) to check the security of the GNAT Box, you should be aware that the two latest versions of SARA (sara-3.1.5 and sara-3.1.6) can return a false positive indicating that the GNAT Box SMTP proxy can be used as a spam relay. So far, I have only seen this happen when scanning one of the GNAT Box's aliases. If anyone is running into problems convincing Customers and/or bosses that the SMTP server is really OK even though SARA says that it's not, I have attached a shellscript that performs the same test that SARA does (only correctly!) and shows that the GNAT Box SMTP proxy does not relay (assuming that you have filled in the "domains to accept" box). I have used this shellscript with bash under Linux. If you try to use it in another environment YMMV. Since I just threw it together as a proof-of-concept, don't expect it to win any points for style! Mike Burden Lynk Systems (616)532-4985 [EMAIL PROTECTED]
test.smtp.bash
Description: Binary data
