The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Open relay but not an open relay?

Discussion in 'E-mail Discussions' started by mstuebner, Mar 8, 2008.

  1. mstuebner

    mstuebner Well-Known Member

    Joined:
    May 13, 2007
    Messages:
    50
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    to my surprise I got the following alert message from lfd:

    Time: Sat Mar 8 20:34:56 2008
    Type: RELAY, Remote IP - 201.141.15.50 (customer-201-141-15-50.cablevision.net.mx)
    Count: 101 emails relayed
    Blocked: No

    Sample of the first 10 emails:.....

    what lets me think that this server works as open relay (quite fresh standard installation). A test made by abuse.net makes 10 tests and concludes that this server doesn't relay at all.

    Who may I trust more, or what may cause that alter if it isn't an open relay? How to understand this?

    Thanx for hints,

    Edit: For one of the message IDs listed in the alter exim_mainlog shows the following, what I would understand as a TRY to relay, but without success?

    2008-03-08 20:34:04 1JY4nz-0002iK-E2 <= -as@asdrs1.monsanto.com H=(201.141.15.50) [201.141.15.50] P=esmtp S=710 id=000701c88153$02ebc583$33aea2b2@mygcp
    2008-03-08 20:34:04 1JY4nz-0002iL-E2 <= -as@acehardware.com H=(201.141.15.50) [201.141.15.50] P=esmtp S=712 id=000701c88153$017407ca$194b3b84@deswvi
    2008-03-08 20:34:04 1JY4nz-0002iK-E2 => :blackhole: <6d22fd0e@domain.de> R=virtual_aliases
    2008-03-08 20:34:04 1JY4nz-0002iK-E2 Completed
    2008-03-08 20:34:04 1JY4nz-0002iL-E2 => :blackhole: <5u7ltemb@domain.de> R=virtual_aliases
    2008-03-08 20:34:04 1JY4nz-0002iL-E2 Completed
    2008-03-08 20:34:04 no IP address found for host customer-201-141-15-50.cablevision.net.mx (during SMTP connection from [201.141.15.50])
    2008-03-08 20:34:04 no IP address found for host customer-201-141-15-50.cablevision.net.mx (during SMTP connection from [201.141.15.50])
    2008-03-08 20:34:04 no IP address found for host customer-201-141-15-50.cablevision.net.mx (during SMTP connection from [201.141.15.50])
     
    #1 mstuebner, Mar 8, 2008
    Last edited: Mar 8, 2008
  2. troxalias

    troxalias Well-Known Member

    Joined:
    Nov 21, 2001
    Messages:
    96
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Athens - Greece
    The logs you attach mean that 201.141.15.50 sent two email to two different email addresses on domain.de. If domain.de is a local domain for your server then it is expected behaviour to accept those mail. As for lfd, i don't know the internals of it at the moment to explain why it complains.
     
Loading...

Share This Page