How to ensure that your mail server is not an open relay

In this tutorial, I will show you how to ensure that your mail server is not an open relay. An open relay allows anyone to send mail using your server even if neither the sender or recipient have accounts on it.

Spammers frequently make use of open relays to avoid paying for bandwidth costs. Unfortunately, if they use your server, your useable bandwidth may plummet and your costs could go up.

  1. Open a command prompt. In windows go to the Start button, type command and press the Enter key. In linux or other UNIX-like operating systems you may already be at the prompt. If not you should have an icon in one of the menus to open to a terminal window.
  2. Type telnet mail server address 25 and press Enter where mail server address is the IP address or name of the SMTP mail server that you wish to test. For instance, mail.mydomain.com or 192.168.0.1.
  3. Type EHLO and your domain name (if unsure, you may be able to get away with a fake one like my.domain.net and press Enter.
  4. Type mail from:, a fake e-mail address, and then the Enter key (i.e. mail from: carson@carsonball.biz. You may already receive an error since this is a fake address; some servers try determining if a domain is valid before allowing you to proceed further.
  5. Type rcpt to:, a fake e-mail address and then the Enter key (i.e. rcpt to: carson@carsonball.biz. You may receive an error message at this step since neither the sender or recipient should be on the server that you are testing.
  6. If you have not received an error yet, all is not lost. Type data. and then the Enter key. Notice the period after data, this is important.
  7. Now type subject: test and the Enter key.
  8. Type several lines (this will be the body of the message) and - when you are finished - type . on a blank line and press Enter.
  9. At this point, if you do not receive an error, your system is probably an open relay.
  10. There are some very rare mail servers that do not display an error at any of these steps, but do not attempt to send the message. I would assume that this is an intentional feature to waste the spammer's time. If they continue to think that the message is going through, they will no doubt try this server in the future, thus ensuring that their messages do not go through.

    However, in almost all cases, if you do not receive an error message at any of the steps above, your server is most probably and open relay and should be fixed. Having an open relay on your network is in violation of some ISPs' policies and may result in your services being suspended or terminated.

    Most mail servers will allow relaying from specified hosts. This is normal in many organizations where several domain names may be present, but only one mail server exists.


Spampyre feed
Tutorials feed

New CSS Styles
Old CSS Styles
Older CSS Styles
Oldest CSS Styles

Privacy Policy

Want to reprint this content?
Contact me
Last edited: 2017-09-18

minimum
minimum
minimum
minimum