From this thread: http://community.kaseya.com/xsp/f/28/p/11670/57559.aspx
good while ago I was trying to trying to get a nice way of checking if a server was an open relay.the best way is to telnet from the server to relay-test.mail-abuse.org. This automatically checks back on the source IP and runs something like 18 different types of attempts to relay. Very cool test.
However, this proved to be a real pain with Kaseya as I could never
get the Telnet session to end. So the proceedure would just hold open 2
hours until the proceedure expired. Grrrrr. however, this thread helped to find a solution:
Anyway, here is the outline of how to do it.
1) Download PLINK
this in your \Kaseya\WebPages\ManagedFiles\VSASharedFiles\Exchange
folder on the server.
2) Create a custom field in Kaseya called "OpenRelay"
3) import the script attached.
4) run it on all servers.
Note: this version ONLY works for Exchange. It looks for store.exe
to be running. if its not running it just skips. Also, its a pretty
stringent test. you would likely get a bunch of fails so check those ones out. I have added an extra check for if port 25 is not accessible. we have some installations with interesting firewall setups that wont take this test.
Hope this helps. it helped me alot.
Very nice use of Kaseya!
I changed the setup on my server to use the #vAgentConfiguration.agentTempDir# instead of c:\temp\kaseya since not all servers had this directory. Also i tweaked the error messages that the probe could not connect. In our case it just means that the SMTP service is firewalled and will accept mail only from our spam filtering proxy.
I have added it to all the Exchange servers we manage. Nice stuff. Now i only wait for the scripting feature to create an alarm if there's a problem. Maybe i should just add the feature to send our service desk an email if there's a problem. Just so somebody monitors the monitor...
really good script, well done all involved.
I'm getting quite a lot of the following
Unknown - Connection Failure
Fail - Manual Check Required
These are defo exchange servers some exchange 2010, any clues?
Also is there a way to make it email someone if it finds an open relay?
This does not appear to work any longer. The telnet address does not establish a connection and going to the www.mail-abuse.org send you to ers.trendmicro.com