Possible open relay

[aries7]

Hello.
I am receiving messages since fake account of my domain, by example ghtrs@mydomain.com jgyfds@mydomain.com, jfgtjjk@mydomain.com, etc.
Testing by telnet mail.mydomain.com i verified that can send using fake account to other servers how Gmail account.
I have not modified anything in exim.
How to avoid sent using false accounts from my domain?

I test my mail server with http://www.abuse.net/relay.html and it indicates to me
Relay test 6
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@mydomain.com>
<<< 250 OK
>>> RCPT TO:<securitytest%abuse.net@mydomain.com>
<<< 250 Accepted

Relay test result
Hmmn, at first glance, host appeared to accept a message for relay

Thanks.

[screege]

I have the same problem:

Connecting to lanets.net for registered user test ...
<<< 220-server1.la-nets.com ESMTP Exim 4.52 #1 Fri, 05 Jan 2007 19:54:57 -0600
<<< 220-We do not authorize the use of this system to transport unsolicited,
<<< 220 and/or bulk e-mail.
>>> HELO www.abuse.net
<<< 250 server1.la-nets.com Hello www.abuse.net [208.31.42.77]


Relay test 1
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM:<spamtest@abuse.net>
<<< 250 OK
>>> RCPT TO:<webmaster@lanets.net>
<<< 250 Accepted
>>> DATA
<<< 354 Enter message, ending with "." on a line by itself
>>> (message body)
<<< 250 OK id=1H30lt-0002Hi-W5

Relay test result
Hmmn, at first glance, host appeared to accept a message for relay.
THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY.

Some systems appear to accept relay mail, but then reject messages internally rather than delivering them, but you cannot tell at this point whether the message will be relayed or not.

If it is really an open relay, the test message will be delivered to you. If you do not receive the test message in your e-mail in the next few hours, it IS NOT an open relay.

Can anyone help?

[cjmwebdesigns]

Howdy,

This is certainly an issue. I just spent a month going back and forth with AOL and such as mail was being marked at AOL as spam by my IP. After working with Mail Administrators and then doing some testing my server to is an Open Relay Source.

I am trying to figure out where in EXIM I can turn off relaying other than local IP or domains.

See Below
------------------------------------
220-host.myserver.comESMTP Exim 4.63 #1 Wed, 07 Feb 2007 17:52:08 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
mail from: cje2@aol.com
250 OK
rcpt to: whoever@hotmail.com
250 Accepted
--------------------------------

I am not familiar with the EXIM Configurator, but I did some reviews of the Advanced Editor and found the following:

# The use of your host as a mail relay by any host, including the local host
# calling its own SMTP port, is locked out by default. If you want to permit
# relaying from the local host, you should set
#
# host_accept_relay = localhost

Now this is in the gray area of the advanced editor and the # makes it a comment and not an action. Where can I make this an action? I was looking at EXIM and now I see a new area for ACL's.

Thanks,
Craig M.

[chirpy]

If you're running an unmodified exim configuration it won't be an open relay. Just because it says that an email is accepted does not mean the email has been relayed. To check that you need to look in your exim_mainlog to see what exim did with the mail.