General discussion

  • Creator
    Topic
  • #2301977

    Blackhole-open relay

    Locked

    by wk_leow ·

    I have a lotus domino server 5.0.4 running,but recently my mail server has been listed as black hole.Could someone guide me how to avoid mail server from being used as an open relay by others?

All Comments

  • Author
    Replies
    • #3354478

      Blackhole-open relay

      by mark.denny ·

      In reply to Blackhole-open relay

      Hi,
      You could try the following although these are the instructions for setting this up on domino 5.10

      If you go into the server configurations settings for the server..
      Then select Router/SMTP
      Then select Restrictions and Controls
      Finally Select SMTP Outbound controls.
      In here you should see a allow messages only from the following internet addresses to be sent to the internet in here you should have it say *.company.email.address

      This then should only allow valid internal address to send from your server. You should also check you firewall configuration to make sure that this is all in order as well.

      • #3354923

        Blackhole-open relay

        by wk_leow ·

        In reply to Blackhole-open relay

        Thanks.For your information,I had the setting on long time ago (sorry about that).Yet,my lotus domino server still listed as black hole.I suspect that my lotus domino server been hacked and used as open relay sending mails.If is true,is there any other method to solve it?

    • #3354913

      Blackhole-open relay

      by wk_leow ·

      In reply to Blackhole-open relay

      Correction:I am using lotus domino server release 5.0.11

    • #3354801

      Blackhole-open relay

      by mark.denny ·

      In reply to Blackhole-open relay

      The only other answer I can think off is to look at your firewall security policy and the access control policy on your router whch goes to your ISP. What you could do is to ask your ISP which ip address they use to connect to your router for smtp traffic and then only allow smtp traffic to your mail servers from these address. This could be done by the acl on the router. Else you could try and block smtp traffic on your firewall from sources other than your ISP.

    • #3354097

      Blackhole-open relay

      by pierrejamme ·

      In reply to Blackhole-open relay

      I believe that once you are Black hole listed, even though you have stopped relaying you must petition them to take you off the list.

    • #3530032

      Blackhole-open relay

      by dbowlin ·

      In reply to Blackhole-open relay

      ordb.org is an organization that tests for open relay servers and lists them to ISP’s which then use the list as a filter to help prevent spam from coming to their client list. Go to their site, you will probably find the instructions you need to correct the problem with your software.

      Also are you sure it is your mail server that is the problem? A lot of web servers have smtp capabilities that should be locked down, so this is another place to check.

      I believe the answer above is also correct in saying that you must repetition to have your server removed from the list.

      Good luck.

      • #3530805

        Blackhole-open relay

        by wk_leow ·

        In reply to Blackhole-open relay

        Thanks for the information,I have already checked with ordb.org before and after tested,result shown is my mail server confirm used as open relay for spam mails.Anyhow,I haven’t made any repetition to have my server removed from black hole list since from 18/06/2003.I have done a few settings to the mail server and will do checking with ordb.org today.Hope it works!Will let you guys know the result tested.

    • #3529323

      Blackhole-open relay

      by alveden ·

      In reply to Blackhole-open relay

      As far as I know, Lotus domino server is inadequate when it is open to the Internet for Internet mail routing, especially version R5.x and below. Domino was not build to handle relay or spaming. It does allowed filtering and denying through listing of inbound and outbound address. Then again you need to define this list yourself, is close to impossible, unless you make it your full time job. Even if you have all possible address listed, a cleverly crafted mail header can still get through lotusdefense mechanism.

      If you have the alternative, upgrade to Domino R6, which caters for more robust UBE filtering/coding and have the DNSRBL features enabled. It also have a new addition, Inbound Relay Enforcement, which have the SMTP auth options(which only allow login user to relay). Though I still don’t trust Lotus to be able handle relay security adequately. But it’s better compared to R5.x and below.

      Alternatively, you can set up SMTP gateway to handle relay before mail reach the Domino server. There are both commercial and open source software that can handle this well. If, on windows platform, I could only think of the commercial version of sendmail. For open source, sendmail, postfix and qmail.

      If no addition or upgrade can be made to current system. As far as for closing open relay, R5 is not capable of handling it adequately. You can try third party anti-spam software .. but I advise against it as if you stop subscribing and stop upgrading, it can be easily by passed. Alternatively you can try to write a program that sits between the port 25 and lotus note socket to close the relay.

    • #3529723

      Blackhole-open relay

      by wk_leow ·

      In reply to Blackhole-open relay

      This question was closed by the author

Viewing 6 reply threads