Subject: Re: mail to ncrnko@jps.net
To: None <netbsd-users@netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-users
Date: 02/14/2001 05:36:49 
wojtek@wojtek.from.pl writes:
> Feb 12 07:13:36 wojtek sendmail[3229]: f1ADXVm03046: to=<ncrnko@jps.net>, 
> ctladdr=<wojtek@wojtek.from.pl> (1000/100), delay=1+16:39:48, xdelay=00:00:23, 
> mailer=esmtp, pri=5190677, relay=smtp3.jps.net. [63.208.208.81], 
> dsn=4.3.0, stat=Deferred: 
> 451 Open relay output - see http://www.orbs.org/verify.php3?address=212.45.238.198

ORBS is trivial to get out of.  Just configure your mailer to not
relay for *anyone* and go to www.orbs.org and request another test.

If you do allow any relaying, then be absolutely certain that the
folks you relay for won't screw you by allowing mail to relay from
their machine to yours.  This would make you the second hop of a
multi-hop relay.

ORBS has this piece of relayed mail on file (at
http://lookup.orbs.org/messagelookup.php3?address=195.117.150.159).
If this wasn't your system it was from the previous owner of that IP
address.

         195.117.150.159 : 2001-01-27 20:35:37 UTC 
        From sender@orbs.org  Sun Jan 28 09:43:20 2001
         Received: from promet.pl (N212045238198.unregistered.formus.pl [212.45.238.198])
                by mail2.manawatu.net.nz (8.9.3/8.9.3) with ESMTP id JAA08895
                for <orbs-relaytest@manawatu.co.nz>; Sun, 28 Jan 2001 09:42:23 +1300
         X-Remote-IP: 212.45.238.198
         Received: from tester42.orbs.org ([62.250.3.55]:22791 "HELO
                 relaytest.orbs.vuurwerk.nl") by promat1.promat.pl with SMTP
                id <S8584AbRA0VVs>; Sat, 27 Jan 2001 22:21:48 +0100
         To: orbs-relaytest@manawatu.co.nz
         From: sender@orbs.org
         X-Token: grdefqrdkvnmpgtv
         X-Envelope-Sender: <sender@orbs.org>
         X-Envelope-Recipient: <orbs-relaytest@manawatu.co.nz>
         Message-Id: <195.117.150.159@orbs.org>
         Subject: ORBS Relay Test - 195.117.150.159
         Date:   Sat, 27 Jan 2001 22:21:48 +0100
         
         This program checks for open relays.
         
         Open relays are automatically added to the ORBS Open Relay
         Database (see http://www.orbs.org/ for details).
         
         Check http://www.orbs.org/verify.php3?address=195.117.150.159 for this hosts current status.
         
         Vulnerability checks are detailed at http://www.orbs.org/envelopes.html
         
         Securing help can be found at http://www.orbs.org/otherresources.html
         
         There are multiple tests applied per IP address.
         Partially secured hosts may pass some tests, but fail others.
         Hosts are only classified as secure by ORBS if they pass all tests.
         
         Hosts which do not deliver messages are not classified as insecure.
         
         Do not use the above addresses to contact me - use admin@orbs.org.
         
         X-Token: grdefqrdkvnmpgtv
         X-Envelope-Sender: MAIL FROM:<sender@orbs.org>
         X-Envelope-Recipient: RCPT TO:<orbs-relaytest@manawatu.co.nz>


-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
Coming soon: GPS mapping tools for Open Systems. http://www.gnomad-mapping.com/