I just found out I can connect to my SMTP Server via pythons smtplib without the need to login and send mails to whatever address with a random 'from'-address.
I did some relay tests online and they all say it's relay safe.. but... is it a correct behaviour?
As an example:
smpt = smptllib.SMTP('myServer.de') smpt.sendmail('[email protected]', '[email protected]', '....;) smpt.quit()
This works, and I am doing this from remote, not locally on my Server.
Yes, thats the correct behaviour.
There are 3 possibilitys where every mailserver ahs to accept emails:
1) The email is from localhost
2) The email is sent from a server that we allow to relay. See mynetworks setting in main.cf
3) The recipient domain is a local domain of this server.
thanks for your answer.
I did the test above from my machine at work.
None of the 3 points you mentioned match this machine - I think.
So is this realy correct?
Use this test to find out if your machine relays:
Leave the email field empty or use a external address like gmail.
Thanks a lot,