SMTP Relay Checking

A common trick used by senders of UCE is to send their spam via a third-party relay.

Why? Two main reasons:

  1. It allows them to send much, much more email than they could without it. They can send one email addressed to a few hundred email addresses to the relay. The relay will then expand that to a few hundred separate emails, one sent to each recipient. This allows them to send a hundred thousand emails an hour over a cheap dialup account rather than the couple of thousand they could send without stealing service from the relay.
  2. It obfuscates the headers, making it more difficult to track the original sender. In the case of badly configured relays which don't record the IP address of the sender, it makes it impossible to find the originator without the co-operation of the system administrator of the relay.

The only sure way to tell whether an SMTP server is insecure (allowing anyone to relay email) is to try to relay an email through it back to yourself.

Some system administrators will get upset if you do this. While any reasonable sysadmin shouldn't object if you check whether his system is insecure, then politely tell him so, there are a fair number of insecure sysadmins who'll go off the deep end and threaten lawsuits if you probe their servers. There are also servers which are secure, but which log relay attempts. Either way, don't probe servers on a whim, and send email to their admins afterwards explaining why you were probing their server.

Before you can run a relay check you need to do two things

Then select Tools > SMTP Relay Check..., enter the server you want to probe and hit OK.

A new window will open, showing the transaction. Even if the server seems to accept your relayed email, it may throw it away without telling you. You don't know that it allows relaying until the relayed email arrives in your inbox.
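One way to read the transaction shown in that window, as an added example that is not part of the original page or the tool: a classifier for a saved SMTP transcript that reports a refusal, a temporary failure, or an acceptance that is still unconfirmed until the message arrives. The "C:"/"S:" transcript format, the function name and the example.org/example.net hosts are assumptions made for illustration.

```python
# Constructed sample transcripts ("C:" client line, "S:" server reply); hosts are placeholders.
REFUSED = """\
S: 220 mail.example.net ESMTP
C: HELO probe.example.org
S: 250 mail.example.net
C: MAIL FROM:<me@example.org>
S: 250 2.1.0 Ok
C: RCPT TO:<me@example.org>
S: 554 5.7.1 <me@example.org>: Relay access denied
"""
ACCEPTED = """\
S: 220 mail.example.net ESMTP
C: EHLO probe.example.org
S: 250-mail.example.net
S: 250 SIZE 10240000
C: MAIL FROM:<me@example.org>
S: 250 Ok
C: RCPT TO:<me@example.org>
S: 250 Ok
C: DATA
S: 354 End data with <CR><LF>.<CR><LF>
C: Subject: relay check
C: .
S: 250 Ok: queued
"""


def relay_verdict(transcript):
    """Classify a relay check by the replies to RCPT TO and to end-of-data."""
    replies, cmd, in_body = {}, "CONNECT", False
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C" and in_body:
            if text == ".":                      # lone dot ends the message data
                cmd, in_body = "EOD", False
        elif side == "C":
            cmd = (text.split() or [""])[0].upper()
        elif side == "S" and text[:3].isdigit() and text[3:4] != "-":
            replies[cmd] = int(text[:3])         # "250-" lines are continuations, skipped
            in_body = cmd == "DATA" and replies[cmd] == 354
    rcpt, eod = replies.get("RCPT"), replies.get("EOD")
    if rcpt is None or (rcpt < 400 and eod is None):
        return "incomplete"                      # no message was ever submitted
    worst = max(rcpt, eod or 0)
    if worst >= 500:
        return "refused"
    if worst >= 400:
        return "temporary-failure"
    return "accepted-unconfirmed"                # proof is the email reaching your inbox
```

A 250 at every step still only yields "accepted-unconfirmed", matching the caveat above that the server may silently discard the message.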