nmap --script smtp-open-relay -p 587 MAILSERVER-HOST
= ONLY PORT 587
13.01.2021, 21:43:31 info disconnect from REMOVED-HOST[REMOVED-IP] ehlo=1 rset=0/1 quit=1 commands=2/3
13.01.2021, 21:43:31 info connect from REMOVED-HOST[REMOVED-IP]
13.01.2021, 21:43:31 info disconnect from unknown[unknown] commands=0/0
13.01.2021, 21:43:31 info lost connection after CONNECT from unknown[unknown]
13.01.2021, 21:43:31 info connect from unknown[unknown]
nmap --script smtp-open-relay -p 25,465,587 MAILSERVER-HOST
= PORT 25,465,587
I DID THIS TEST THROUGH A VPN (PROXY)
13.01.2021, 21:49:27 info DISCONNECT [REMOVED-IP]:50228
13.01.2021, 21:49:27 info DNSBL rank 13 for [REMOVED-IP]:50228
13.01.2021, 21:49:27 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:49:27 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:49:26 info PREGREET 11 after 0.04 from [REMOVED-IP]:50228: EHLO User\r\n
13.01.2021, 21:49:26 info addr REMOVED-IP listed by domain hostkarma.junkemailfilter.com as REMOVED-IP
13.01.2021, 21:49:26 info Look up REMOVED-IP on whitelist, result 200 DUNNO
13.01.2021, 21:49:26 info CONNECT from [REMOVED-IP]:50228 to [REMOVED-IP]:25
13.01.2021, 21:49:11 info disconnect from unknown[REMOVED-IP] ehlo=1 mail=5 rcpt=0/5 rset=5 commands=11/16
13.01.2021, 21:49:11 info too many errors after RCPT from unknown[REMOVED-IP]
13.01.2021, 21:48:51 info NOQUEUE: reject: RCPT from unknown[REMOVED-IP]: 554 5.7.1 <unknown[REMOVED-IP]>: Client host rejected: Access denied; from=<antispam@[REMOVED-IP]> to=<relaytest%nmap.scanme.org@[REMOVED-IP]> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:38 info DISCONNECT [REMOVED-IP]:45466
13.01.2021, 21:48:38 info DNSBL rank 7 for [REMOVED-IP]:45466
13.01.2021, 21:48:38 info PREGREET 12 after 0.17 from [REMOVED-IP]:45466: EHLO ADMIN\r\n
13.01.2021, 21:48:37 info addr REMOVED-IP listed by domain b.barracudacentral.org as REMOVED-IP
13.01.2021, 21:48:37 info Look up REMOVED-IP on whitelist, result 200 DUNNO
13.01.2021, 21:48:37 info CONNECT from [REMOVED-IP]:45466 to [REMOVED-IP]:25
13.01.2021, 21:48:37 info DISCONNECT [REMOVED-IP]:62431
13.01.2021, 21:48:37 info DNSBL rank 20 for [REMOVED-IP]:62431
13.01.2021, 21:48:37 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:48:37 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:48:35 info addr REMOVED-IP listed by domain hostkarma.junkemailfilter.com as REMOVED-IP
13.01.2021, 21:48:35 info addr REMOVED-IP listed by domain b.barracudacentral.org as REMOVED-IP
13.01.2021, 21:48:35 info PREGREET 11 after 0.03 from [REMOVED-IP]:62431: EHLO User\r\n
13.01.2021, 21:48:35 info Look up REMOVED-IP on whitelist, result 200 DUNNO
13.01.2021, 21:48:35 info CONNECT from [REMOVED-IP]:62431 to [REMOVED-IP]:25
13.01.2021, 21:48:21 info NOQUEUE: reject: RCPT from unknown[REMOVED-IP]: 554 5.7.1 <unknown[REMOVED-IP]>: Client host rejected: Access denied; from=<antispam@[REMOVED-IP]> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:03 info DISCONNECT [REMOVED-IP]:62109
13.01.2021, 21:48:03 info DNSBL rank 13 for [REMOVED-IP]:62109
13.01.2021, 21:48:03 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:48:03 info addr REMOVED-IP listed by domain zen.spamhaus.org as REMOVED-IP
13.01.2021, 21:48:01 info NOQUEUE: reject: RCPT from unknown[REMOVED-IP]: 554 5.7.1 <unknown[REMOVED-IP]>: Client host rejected: Access denied; from=<antispam@MAILSERVER-HOST> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:01 info PREGREET 11 after 0.03 from [REMOVED-IP]:62109: EHLO User\r\n
13.01.2021, 21:48:01 info addr REMOVED-IP listed by domain hostkarma.junkemailfilter.com as REMOVED-IP
13.01.2021, 21:48:01 info Look up REMOVED-IP on whitelist, result 200 DUNNO
13.01.2021, 21:48:01 info NOQUEUE: reject: RCPT from unknown[REMOVED-IP]: 554 5.7.1 <unknown[REMOVED-IP]>: Client host rejected: Access denied; from=<antispam@nmap.scanme.org> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:00 info CONNECT from [REMOVED-IP]:62109 to [REMOVED-IP]:25
13.01.2021, 21:48:00 info NOQUEUE: reject: RCPT from unknown[REMOVED-IP]: 554 5.7.1 <unknown[REMOVED-IP]>: Client host rejected: Access denied; from=<> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:00 info disconnect from unknown[REMOVED-IP] ehlo=1 rset=0/1 quit=1 commands=2/3
13.01.2021, 21:48:00 info Anonymous TLS connection established from unknown[REMOVED-IP] to MAILSERVER-HOST: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
13.01.2021, 21:48:00 info connect from unknown[REMOVED-IP]
13.01.2021, 21:48:00 warning warning: HOSTNAME-REMOVED does not resolve to address REMOVED-IP: Name or service not known
13.01.2021, 21:48:00 info connect from unknown[REMOVED-IP]
13.01.2021, 21:48:00 warning warning:HOSTNAME-REMOVED does not resolve to address REMOVED-IP: Name or service not known
13.01.2021, 21:47:58 info disconnect from unknown[unknown] commands=0/0
13.01.2021, 21:47:58 info lost connection after CONNECT from unknown[unknown]
13.01.2021, 21:47:58 info connect from unknown[unknown]
13.01.2021, 21:47:58 info disconnect from unknown[unknown] commands=0/0
13.01.2021, 21:47:58 info lost connection after CONNECT from unknown[unknown]
13.01.2021, 21:47:58 info SSL_accept error from unknown[unknown]: Connection reset by peer
I think checking only port 587 is enough to test for an open relay?
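Added example, not part of the original post: a Python check that reads Postfix log lines in the format shown above and reports whether any RCPT command from the scan was accepted, using the `NOQUEUE: reject: RCPT` lines and the `rcpt=ok/total` counters on `disconnect` lines. The sample lines and the 192.0.2.x addresses are constructed placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample in the log format shown above; 192.0.2.x are placeholder addresses.
SAMPLE_LOG = """\
13.01.2021, 21:48:00 info NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <unknown[192.0.2.10]>: Client host rejected: Access denied; from=<> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:48:21 info NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <unknown[192.0.2.10]>: Client host rejected: Access denied; from=<antispam@[192.0.2.1]> to=<relaytest@nmap.scanme.org> proto=ESMTP helo=<nmap.scanme.org>
13.01.2021, 21:49:11 info disconnect from unknown[192.0.2.10] ehlo=1 mail=5 rcpt=0/5 rset=5 commands=11/16
13.01.2021, 21:43:31 info disconnect from unknown[192.0.2.10] ehlo=1 rset=0/1 quit=1 commands=2/3
"""

REJECT = re.compile(r"NOQUEUE: reject: RCPT from (\S+): (\d{3}) .*?from=<(.*?)> to=<(.*?)> proto=")
DISCONNECT = re.compile(r"disconnect from (\S+)((?: \w+=\d+(?:/\d+)?)+)\s*$")

def counters(stats):
    """Parse Postfix 'cmd=ok/total' counters; a bare 'cmd=n' means all n succeeded."""
    out = {}
    for name, ok, total in re.findall(r"(\w+)=(\d+)(?:/(\d+))?", stats):
        out[name] = (int(ok), int(total or ok))
    return out

def relay_summary(log):
    """Collect rejected RCPTs and sum accepted/attempted RCPT counts per session."""
    rejects, accepted, attempted = [], 0, 0
    for line in log.splitlines():
        m = REJECT.search(line)
        if m:
            rejects.append({"client": m[1], "code": m[2], "from": m[3], "to": m[4]})
            continue
        m = DISCONNECT.search(line)
        if m:
            # A session without an rcpt= counter never sent RCPT.
            ok, total = counters(m[2]).get("rcpt", (0, 0))
            accepted += ok
            attempted += total
    if attempted == 0 and not rejects:
        verdict = "inconclusive: no RCPT seen"
    elif accepted:
        # An accepted RCPT may be a local recipient; it needs a manual look.
        verdict = "review: RCPT accepted"
    else:
        verdict = "relay attempts rejected"
    return {"rejects": rejects, "rcpt_accepted": accepted,
            "rcpt_attempted": attempted, "verdict": verdict}

if __name__ == "__main__":
    print(relay_summary(SAMPLE_LOG)["verdict"])
```
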