Is the SMTP safe?

Discussion in 'Installation/Configuration' started by Kira, Sep 29, 2011.

  1. Kira

    Kira Member

    Hi,

    I just found out I can connect to my SMTP Server via pythons smtplib without the need to login and send mails to whatever address with a random 'from'-address.

    I did some relay tests online and they all say it's relay safe.. but... is it a correct behaviour?

    As an example:

    Code:
    smpt = smptllib.SMTP('myServer.de')
    smpt.sendmail('bla@blubb.com', 'someone@somewhere.de', '....;)
    smpt.quit()
    This works, and I am doing this from remote, not locally on my Server.

    Kira
     
  2. till

    till Super Moderator

    Yes, thats the correct behaviour.

    There are 3 possibilitys where every mailserver ahs to accept emails:

    1) The email is from localhost
    2) The email is sent from a server that we allow to relay. See mynetworks setting in main.cf
    3) The recipient domain is a local domain of this server.
     
  3. Kira

    Kira Member

    Hi,

    thanks for your answer.

    I did the test above from my machine at work.
    None of the 3 points you mentioned match this machine - I think.

    So is this realy correct?

    Thanks,
    Kira
     
  4. till

    till Super Moderator

    Use this test to find out if your machine relays:

    http://www.abuse.net/relay.html

    Leave the email field empty or use a external address like gmail.

    If you followed the perfect setup guide to install your server, then it is no open relay.
     
  5. Kira

    Kira Member

    Okay, seems to be safe.. :)
    Though I don't understand why I can do what I described above..

    Thanks a lot,
    Kira
     

Share This Page