I've been using the open relay test tool at http://www.abuse.net/relay.html
to test my Mercury server.
If I rely on the Relaying control checkboxes on the Connection control tab
of the SMPT server configuration dialog, I get a response like this:
<<< 220 my_mercury_server ESMTP server ready.
>>> HELO www.abuse.net
<<< 250 my_mercury_server Hello, www.abuse.net.
Relay test 1
>>> RSET
<<< 250 Command processed OK.
>>> MAIL FROM:<spamtest@abuse.net>
<<< 250 Sender OK - send RCPTs.
>>> RCPT TO:<securitytest@abuse.net>
<<< 553 We do not relay without RFC2554 authentication.
Relay test 2
>>> RSET
<<< 250 Command processed OK.
>>> MAIL FROM:<spamtest>
<<< 250 Sender OK - send RCPTs.
>>> RCPT TO:<securitytest@abuse.net>
<<< 553 We do not relay without RFC2554 authentication.
and so on for several other variations.
Alternatively, if I define transaction level filtering rules
that allow mail to domains I host, but reject all else:
R, "*@mydomain.com*", X
R, "*@myotherdomain.net*", X
R, "*", R, "554 We do not relay non local mail"
then the response I get is quite different:
<<< 220 my_mercury_server ESMTP server ready.
>>> HELO www.abuse.net
<<< 250 my_mercury_server Hello, www.abuse.net.
Relay test 1
>>> RSET
<<< 250 Command processed OK.
>>> MAIL FROM:<spamtest@abuse.net>
<<< 250 Sender OK - send RCPTs.
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 We do not relay non local mail
Relay test 2
>>> RSET
<<< 554 Outcast connection - only the QUIT command will be accepted.
Now, it's not that I'm concerned about being polite to spammers, but is
one response better than the other?
Regards,
Richard
<P>I've been using the open relay test tool at <A href="http://www.abuse.net/relay.html">http://www.abuse.net/relay.html</A>
to test my Mercury server.</P>
<P>If I rely on the Relaying control checkboxes on the Connection control tab
of the SMPT server configuration dialog, I get a response like this:</P>
<P>&lt;&lt;&lt; 220 my_mercury_server ESMTP server ready.
&gt;&gt;&gt; HELO <A href="http://www.abuse.net/">www.abuse.net</A>
&lt;&lt;&lt; 250 my_mercury_server Hello, <A href="http://www.abuse.net/">www.abuse.net</A>.</P>
<P>
Relay test 1
&gt;&gt;&gt; RSET
&lt;&lt;&lt; 250 Command processed OK.
&gt;&gt;&gt; MAIL FROM:&lt;<A href="mailto:spamtest@abuse.net">spamtest@abuse.net</A>&gt;
&lt;&lt;&lt; 250 Sender OK - send RCPTs.
&gt;&gt;&gt; RCPT TO:&lt;<A href="mailto:securitytest@abuse.net">securitytest@abuse.net</A>&gt;
&lt;&lt;&lt; 553 We do not relay without RFC2554 authentication.</P>
<P>Relay test 2
&gt;&gt;&gt; RSET
&lt;&lt;&lt; 250 Command processed OK.
&gt;&gt;&gt; MAIL FROM:&lt;spamtest&gt;
&lt;&lt;&lt; 250 Sender OK - send RCPTs.
&gt;&gt;&gt; RCPT TO:&lt;<A href="mailto:securitytest@abuse.net">securitytest@abuse.net</A>&gt;
&lt;&lt;&lt; 553 We do not relay without RFC2554 authentication.</P>
<P>and so on for several other variations.</P>
<P>Alternatively, if I define transaction level filtering rules
that allow mail to domains I host, but reject all else:</P>
<P>R, "<A href="mailto:*@mydomain.com">*@mydomain.com</A>*", X
R, "<A href="mailto:*@myotherdomain.net">*@myotherdomain.net</A>*", X
R, "*", R, "554 We do not relay non local mail"</P>
<P>then the response I get is quite different:</P>
<P>&lt;&lt;&lt; 220 my_mercury_server ESMTP server ready.
&gt;&gt;&gt; HELO <A href="http://www.abuse.net/">www.abuse.net</A>
&lt;&lt;&lt; 250 my_mercury_server Hello, <A href="http://www.abuse.net/">www.abuse.net</A>.</P>
<P>
Relay test 1
&gt;&gt;&gt; RSET
&lt;&lt;&lt; 250 Command processed OK.
&gt;&gt;&gt; MAIL FROM:&lt;<A href="mailto:spamtest@abuse.net">spamtest@abuse.net</A>&gt;
&lt;&lt;&lt; 250 Sender OK - send RCPTs.
&gt;&gt;&gt; RCPT TO:&lt;<A href="mailto:securitytest@abuse.net">securitytest@abuse.net</A>&gt;
&lt;&lt;&lt; 554 We do not relay non local mail</P>
<P>Relay test 2
&gt;&gt;&gt; RSET
&lt;&lt;&lt; 554 Outcast connection - only the QUIT command will be accepted.</P>
<P>Now, it's not that I'm concerned about being polite to spammers, but is
one response better than the other? </P>
<P>Regards,
Richard
</P>