• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Mail Security

B

Blackbit@

Guest
Plesk QMail doesn't force Auth for local Users. I checked this security issue by sending a mail directly from my server with Plesk 8.2. I just logged in from anywhere with "telnet" on port 25. I just need to know a local domain and address from my server.

The process then looks like this (i have hidden the IP, Hosts and adress, to post it here in public):

Testing your PBL block. See http://www.crynwr.com/spam/ for more info.
Please note that this test will not tell you if your server is open for
relaying. Instead, it tests to see if your server blocks email from IP
addresses listed in various blocking lists; in this case, the PBL list.

Here's how the conversation looked from pbl.crynwr.com.
Note that some sites don't apply the PBL block to postmaster, so
I use your envelope sender as the To: address.

I connected to x.x.x.x and here's the conversation I had:

220 plesk-mail.host.de ESMTP
helo pbl.crynwr.com
250 plesk-mail.host.de
mail from:<>
250 ok
rcpt to:<localmail@local.domain>
250 ok
data
354 go ahead
From: nelson-PBL-test@crynwr.com
To: localmail@local.domain
Date: Wed, 14 Nov 2007 21:6:15 -0000
Message-Id: <1195074375@pbl.crynwr.com>
Precedence: junk

Test message
.
250 ok 1195074375 qp 27273
quit
Successful termination. As far as I can tell, the email was delivered.
That might not be what you want.
Click to expand...

This test just sends a mail to the mentioned local adress, but this also works for remote receivers.

I think QMail has to be patched for Plesk to fix this! This can cause highly rates of outgoing spam from the own server, just like an open relay. Mostly everyone might have seen this in his Maillog, where the sender is just two brackets "<>", wich looks like my trial above:

Nov 18 04:25:54 qmail: 1195356354.209340 info msg 20985686: bytes 5567 from <> qp 26873 uid 2522
Nov 18 04:25:54 qmail: 1195356354.218090 starting delivery 30753: msg 20985686 to remote jljvgeiih@br.chr-hansen.com
Nov 18 04:25:54 qmail: 1195356354.218134 status: local 0/10 remote 1/20
Nov 18 04:25:56 qmail: 1195356356.984474 delivery 30753: failure: 195.24.10.188_does_not_like_recipient./Remote_host_said:_550_No_such_user_(jljvgeiih@br.chr-hansen.com)/Giving_up_on_195.24.10.188./
Nov 18 04:25:56 qmail: 1195356356.984791 status: local 0/10 remote 0/20
Nov 18 04:25:57 qmail: 1195356357.069103 bounce msg 20985686 qp 26881
Click to expand...

Please tell me, i'm wrong and just forgot to configure something. ;-)

Regards,
Blackbit
 
You must log in or register to reply here.

Similar threads

mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
841
mapodec
mapodec
W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
633
W4ru
W
S
Issue SMTP/Qmail stop working suddenly without any cause
Replies
3
Views
2K
Stephen_Stephen
S
zoldos
Issue Cannot get OpenDKIM to run on Ubuntu 20.04, keep getting socket error!
Replies
5
Views
3K
zoldos
zoldos
I
Issue dkim o dmarc flor****.es
Replies
0
Views
637
Inma
I
Back
Top