This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

mxtoolbox "may be an open relay"

Hi there,

i searched all the Topics and found multiple Questions but no answer.

 

I configured some Mailprotection today after we got massive spam. (SPF,DKIM, dmarc). RDNS, Hostname etc is ok.

The only left over warning is this one:


SMTP Server Disconnected: May be an open relay.

With that SMTP-Message:

Connecting to ************

220 ************ ESMTP ready. [797 ms]
EHLO PWS3.mxtoolbox.com
250-**************** Hello pws3.mxtoolbox.com [64.20.227.134]
250-SIZE 104857600
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP [828 ms]
MAIL FROM:<supertool@mxtoolbox.com>
250 OK [828 ms]
RCPT TO:<test@example.com>

SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)

PWS3v2 6297ms

The Smtp-log by the UTM:

2016:02:01-18:05:38 remote exim-in[29901]: 2016-02-01 18:05:38 SMTP connection from [64.20.227.134]:60937 (TCP/IP connection count = 1)

2016:02:01-18:05:40 remote exim-in[5287]: 2016-02-01 18:05:40 H=pws3.mxtoolbox.com [64.20.227.134]:60937 Warning: Exception matched: Skipping greylisting for this message
2016:02:01-18:05:40 remote exim-in[5287]: 2016-02-01 18:05:40 H=pws3.mxtoolbox.com [64.20.227.134]:60937 Warning: Exception matched: Skipping antispam for this message
2016:02:01-18:05:40 remote exim-in[5287]: 2016-02-01 18:05:40 H=pws3.mxtoolbox.com [64.20.227.134]:60937 F=<supertool@mxtoolbox.com> rejected RCPT <test@example.com>: Relay not permitted
2016:02:01-18:05:40 remote exim-in[5287]: 2016-02-01 18:05:40 SMTP connection from pws3.mxtoolbox.com [64.20.227.134]:60937 closed by DROP in ACL
I totally whitelisted the mxtoolbox-ip So that can't be the reason.
Any Solution would be nice. Thank you


This thread was automatically locked due to age.
Parents
  • We have gotten into an interesting and hopefully useful discussion that probably deserves its own topic, but I think we have digressed from LittleBird's original topic.

    On the question of "might be an open relay":

    Is this related to the problem, discussed elsewhere, that UTM opens port 25 on all ip addresses, and that firewall rules will do nothing to block this?   Bob Alfson's clever solutoin to this is to create a DNAT rule -- any traffic to port 25 on an undesired IP address get shunted to a non-existent IP.

    Otherwise, perhaps the complaint, as others have suggested, is that they did not receive an "authentication required" error message.

Reply
  • We have gotten into an interesting and hopefully useful discussion that probably deserves its own topic, but I think we have digressed from LittleBird's original topic.

    On the question of "might be an open relay":

    Is this related to the problem, discussed elsewhere, that UTM opens port 25 on all ip addresses, and that firewall rules will do nothing to block this?   Bob Alfson's clever solutoin to this is to create a DNAT rule -- any traffic to port 25 on an undesired IP address get shunted to a non-existent IP.

    Otherwise, perhaps the complaint, as others have suggested, is that they did not receive an "authentication required" error message.

Children
No Data