Peter N. M. Hansteen wrote: > Renaud Allard <[EMAIL PROTECTED]> writes: > >> Indeed, but it could cause you to get blacklisted by some automated >> checkers, which is clearly something you don't want. I know this kind of >> checker is not accurate, but some local checkers will do it that way and >> you will end up with the problems. > > After reading your original message, I looked around the first 20-odd > relay checkers and lists of open relays google could find for me > (search string: "mail relay test"). Some these sites in turn link to > extensive lists of publicly available lists of open relays, but I > never found any indication that any of our servers (all spamd > protected) were on any of them. > > I take this as an indication that at least the more commonly used ones > do not behave as you suspect. If other, less common ones or or pay to > use lists are more trigger happy and as a consequence offer less > accurate data than the free ones, that is of course unfortunate.
I speak mostly of SMTP-time checkers. Imagine you are sending a mail to someone and while you are doing the SMTP transaction, the remote host also connects to your server to see if it may be an openrelay. Given current spamd behaviour and the time the remote host has to check your server, it will judge it as an openrelay as it won't be able to pass through the data phase. As a secondary effect, sender callouts made from a remote server will also be accepted (at least the first time) even if the recipient doesn't exist on your server. But that's probably not really that important. [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
