Send mail via telnet / test for open relay
Behind the scenes, the commands sent to mail servers are simple text commands. These commands can be to sent to an email server manually via telnet. This is a quick way to test an email server to determine if it is an open relay.
First, determine the MX for the domain in question:
nslookup
set type=mx
mydom.com
should return something like:Server: ns2.mydom.com
Address: 192.168.1.10
mydom.com preference = 10, mail exchanger = mx.mydom.com
mydom.com nameserver = ns.mydom.com
mx.mydom.com.com internet address = 1.1.1.1
mx2.mydom.com internet address = 1.1.1.2
The last two lines tell you about the mail server (MX = Mail Exchange). In this case, 1.1.1.1 and 1.1.1.2.
So, armed with this knowledge,
telnet 1.1.1.1 25
Server responds with: 220 mx.mydom.com SMTPHELO
Server responds with: 250 OKMAIL FROM:This email address is being protected from spambots. You need JavaScript enabled to view it.
Server responds with: 250 Address Ok.RCPT TO:This email address is being protected from spambots. You need JavaScript enabled to view it.
Server responds with: 250 This email address is being protected from spambots. You need JavaScript enabled to view it. OKDATA
Server Responds (or may not): 354 Enter Mail
Enter message, then on a new line,.
exit
The message should now be sent. By modifying the MAIL FROM and RCPT TO lines, you can test for open relay.