> I just used dnsstuff to test one of my domain names and it showed me > (the first time only) that my server is an openrelay, which is obviously > not true. This is due to the default behaviour of spamd of accepting > everything, even when a spamd.alloweddomains file is present. I think > this could choke some automated tests as nearly none of them goes to the > point of actually sending data. > > here is a well known spamd session: > " > telnet elrond.llorien.org 25 > Trying 88.198.156.90... > Connected to elrond.llorien.org. > Escape character is '^]'. > 220 elrond.llorien.org ESMTP ; Tue May 22 09:09:33 2007 > ehlo test > 250 Hello, spam sender. Pleased to be wasting your time. > mail from:<> > 250 You are about to try to deliver spam. Your time will be spent, for > nothing. > rcpt to:<[EMAIL PROTECTED]> > 250 This is hurting you more than it is hurting me. > " > > I know that I can configure spamd to send a 550 error to the client, but > only after DATA, which will clearly almost never happen in automated > tests. So I think it could probably be a good idea to add an option > which makes the 550 reply at RCPT TO for domains not being in > spamd.alloweddomains. This would still allow to make spamtraps but only > those sent at alloweddomains would waste the most time to the sender. > > What are your feelings bout this?
Any automated test I've ever set up for open relay, (and I run them) as well as any sane ones I ever see test for open relay by actually relaying a message not looking at the smtp dialoge. You're making much ado over nothing and spreading FUD - the tester you are using is just making stupid assumptions. -Bob