Is the SMTP safe?

Discussion in 'Installation/Configuration' started by Kira, Sep 29, 2011.

  1. Kira

    Kira New Member

    Hi,

    I just found out I can connect to my SMTP Server via pythons smtplib without the need to login and send mails to whatever address with a random 'from'-address.

    I did some relay tests online and they all say it's relay safe.. but... is it a correct behaviour?

    As an example:

    Code:
    smpt = smptllib.SMTP('myServer.de')
    smpt.sendmail('bla@blubb.com', 'someone@somewhere.de', '....;)
    smpt.quit()
    This works, and I am doing this from remote, not locally on my Server.

    Kira
     
  2. till

    till Super Moderator

    Yes, thats the correct behaviour.

    There are 3 possibilitys where every mailserver ahs to accept emails:

    1) The email is from localhost
    2) The email is sent from a server that we allow to relay. See mynetworks setting in main.cf
    3) The recipient domain is a local domain of this server.
     
  3. Kira

    Kira New Member

    Hi,

    thanks for your answer.

    I did the test above from my machine at work.
    None of the 3 points you mentioned match this machine - I think.

    So is this realy correct?

    Thanks,
    Kira
     
  4. till

    till Super Moderator

    Use this test to find out if your machine relays:

    http://www.abuse.net/relay.html

    Leave the email field empty or use a external address like gmail.

    If you followed the perfect setup guide to install your server, then it is no open relay.
     
  5. Kira

    Kira New Member

    Okay, seems to be safe.. :)
    Though I don't understand why I can do what I described above..

    Thanks a lot,
    Kira
     

Share This Page