Re: Please help. More on relaying...

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 04/23/04 

Date: Fri, 23 Apr 2004 11:17:27 -0400

Adding the server's own IP to "allowed to relay" shouldn't open you up for
relay.
Did you disable authenticated relay? If not, do so...

I'm not 100% sure but it really looks to me like this is just an NDR -
meaning that someone (virus or spammer) is spoofing the sender to make
something look like it came from your domain. This is all too common and you
get the NDR because the recipient's server thinks the original message came
from your server.

StinkFinger wrote:
> More on this...
> My IIS / PHP / MySQL and Exchange are on the same box. To allow PHP
> to send mail I need to add my servers IP to the "Granted" list for
> the SMTP Virtual Server in Exchange, however, this opens me up for
> spam relaying.
>
> If I remove the IP, PHP generated mail no longer goes out (either
> using mail() or PHPMailer). Is there any combination that I can use
> to stop my server from relaying AND allow my PHP mail to go out ?
>
> Thanks.
>
> "StinkFinger" <stinky@pinky.com> wrote in message
> news:108h1hdet79ff70@corp.supernews.com...
>> All,
>> I am still getting emails like this (below) in my catchall box. It
>> looks like relaying to me, but I think I have everything in place to
>> prevent it. With one exception, I do have my own servers ip address
>> listed in the "granted" box, but that's it. I need this there to
>> allow my PHP scripts to access mail.
>>
>> Is there any way to prevent this ?
>> Here are the headers:
>>
>> Microsoft Mail Internet Headers Version 2.0
>> thread-index: AcQnkC9QIEeXNEq5R3OgcmGG7qJ3XA==
>> Received: from omr-m01.mx.aol.com ([64.12.138.1]) by
>> myserver.mydomain.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 21
>> Apr 2004 03:02:49 -0800 Received: from rly-bm01.mail.aol.com
>> (rly-bm01.mail.aol.com [172.20.75.162]) by omr-m01.mx.aol.com
>> (v98.19) with ESMTP id RELAYIN9-a4086550436e; Wed, 21 Apr 2004
>> 07:03:32 -0400 Received: from localhost (localhost) by
>> rly-bm01.mail.aol.com (8.8.8/8.8.8/AOL-5.0.0) with internal id
>> HAA16529; Wed, 21 Apr 2004 07:03:32 -0400 (EDT)
>> Date: Wed, 21 Apr 2004 07:03:32 -0400 (EDT)
>> From: "Mail Delivery Subsystem" <MAILER-DAEMON@aol.com>
>> Content-Transfer-Encoding: 7bit
>> Message-ID: <200404211103.HAA16529@rly-bm01.mail.aol.com>
>> To: <_c i t i_B_a_n_k~Member@mydomain.com>
>> MIME-Version: 1.0
>> Content-Class: urn:content-classes:message
>> Content-Type: multipart/report;
>> report-type=delivery-status;
>> boundary="HAA16529.1082545412/rly-bm01.mail.aol.com"
>> Importance: normal
>> Priority: normal
>> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
>> Subject: Returned mail: User unknown
>> Auto-Submitted: auto-generated (failure)
>> X-AOL-IP: 172.20.75.162
>> Return-Path:
>> X-OriginalArrivalTime: 21 Apr 2004 11:02:49.0341 (UTC)
>> FILETIME=[2F2C1AD0:01C42790]
>>
>> --HAA16529.1082545412/rly-bm01.mail.aol.com
>> Content-Type: text/plain;
>> charset="iso-8859-1"
>> Content-Transfer-Encoding: 7bit
>>
>> --HAA16529.1082545412/rly-bm01.mail.aol.com
>> Content-Transfer-Encoding: 7bit
>> Content-Type: message/delivery-status
>>
>> --HAA16529.1082545412/rly-bm01.mail.aol.com
>> Content-Transfer-Encoding: 7bit
>> Content-Type: text/rfc822-headers;
>> charset="iso-8859-1"
>>
>>
>> --HAA16529.1082545412/rly-bm01.mail.aol.com--

Relevant Pages

  • Re: Unusual email recieved
    ... The true idiot is the person with the open mail relay. ... Try the following on a server ... This opens a mail session to a server ... rcpt to: This is the email address that is being sent to. ...
    (microsoft.public.security)
  • Re: PHP Tool
    ... my php files are all on a UNIX server. ... > open my files by FTP, so I also need a way to open the files from FTP with ... I simply doulbe click the file in the server window of the scp client, ... and UE opens it up for editing. ...
    (comp.lang.php)
  • Re: Hyperlinking to PHP
    ... therefore .php files will download, ... The order files will open depends on the configuration of the server ... >>> click the hyperlink the FILE DOWNLOAD dialog box opens. ...
    (microsoft.public.frontpage.client)
  • Re: Please help. More on relaying...
    ... option and I could not relay, but my PHP ... > from your server. ... >> spam relaying. ...
    (microsoft.public.exchange2000.misc)
  • Re: firefox & php
    ... and firefox opens a little dialogue box: ... then find PHP in the list of applications -- and REMOVE IT. ... No problem at the web server side, just take a look at the header: ...
    (alt.php)