S4E

SMTP Open Relay Scanner

Detects ‘Open Relay’ vulnerability in SMTP servers, which allows unauthorized users to relay emails without authentication. Helps prevent abuse, spoofing, and spam attacks.

Short Info

Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 11 days
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

SMTP servers are essential for handling email transmission between users and domains. When configured securely, they require authentication and restrict message relaying to trusted senders. However, a misconfigured server may become an open relay, accepting and forwarding messages from unauthorized sources. Such servers can be exploited to send spam, phishing emails, or malware, damaging both reputation and deliverability.

An open relay vulnerability allows attackers to spoof the sender's address and relay messages without authentication. This enables impersonation of trusted entities, bypassing some spam filters and deceiving recipients. Open relays are a major contributor to spam proliferation and targeted phishing campaigns. Preventing this misconfiguration is a baseline security requirement for all SMTP deployments.

This scanner tests the target SMTP server (ports 25, 465, or 587) by attempting multiple MAIL FROM and RCPT TO command combinations without authentication. It does not send real spam but checks whether the server would accept and relay messages under various conditions. Each successful combination found indicates a possible abuse scenario.
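The check described above, sketched as an added example (not S4E's own code): the sender/recipient pairs, the domains `mail.example` and `relaytest.invalid`, and the `StubServer` class are assumptions made so that it runs offline. No DATA command is ever issued, so no message is transmitted.

```python
import smtplib  # real connections come from smtplib.SMTP / smtplib.SMTP_SSL

# Assumed combinations (not the scanner's own list): (MAIL FROM, RCPT TO).
# "mail.example" stands for the domain the tested server is responsible for.
def combos(local="mail.example", external="relaytest.invalid"):
    return [
        (f"probe@{external}", f"probe@{external}"),  # outsider to outsider
        (f"probe@{local}", f"probe@{external}"),     # spoofed local sender
        ("", f"probe@{external}"),                   # null sender <>
    ]

def check_relay(conn, pairs):
    """Return the (sender, recipient) pairs accepted without authentication.

    conn is a connected smtplib.SMTP-like object. Each attempt stops after
    RCPT TO and is cleared with RSET.
    """
    accepted = []
    conn.ehlo()
    for sender, rcpt in pairs:
        code, _ = conn.mail(sender)
        if code == 250:
            code, _ = conn.rcpt(rcpt)
            if code in (250, 251):  # 250 accepted, 251 will forward
                accepted.append((sender, rcpt))
        conn.rset()
    return accepted

class StubServer:
    """Constructed stand-in for an SMTP server so the example runs offline."""
    def __init__(self, relay_domains, open_relay=False):
        self.relay_domains, self.open_relay = relay_domains, open_relay
    def ehlo(self): return (250, b"stub")
    def rset(self): return (250, b"OK")
    def mail(self, sender): return (250, b"OK")
    def rcpt(self, rcpt):
        domain = rcpt.rsplit("@", 1)[-1]
        if self.open_relay or domain in self.relay_domains:
            return (250, b"OK")
        return (554, b"5.7.1 Relay access denied")

if __name__ == "__main__":
    pairs = combos()
    print("misconfigured:", check_relay(StubServer({"mail.example"}, open_relay=True), pairs))
    print("hardened:     ", check_relay(StubServer({"mail.example"}), pairs))
```

To run it against a server you operate, pass `smtplib.SMTP(host, 25, timeout=10)` as `conn`, or `smtplib.SMTP_SSL(host, 465, timeout=10)` for implicit TLS.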

If exploited, attackers could send large volumes of unsolicited emails, distribute malicious attachments, or conduct widespread phishing campaigns. This could lead to the server’s IP address being blacklisted, disrupting legitimate communications and harming the organization’s credibility. In severe cases, compromised SMTP servers may be integrated into global spam botnets.
