we received a notice from our ISP that they are going to shut off our mail because we are a open relay for spam. They want to "blacklist" us. How can I find the machine with WIRESHARK?
asked 09 Sep '14, 11:46
Yes, you can use Wireshark to capture the traffic to and from your ISP to see what devices on your network accept SMTP traffic (TCP port 25). It may be simpler to scan your IP range with a nmap for that port though.
To check if a mail server is an open relay you can test them with one of the free online services that perform those kind of checks, e.g. http://www.mailradar.com/openrelay/
answered 09 Sep '14, 12:52