• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Plesk 7.5.2 Open Relay

K

KudosDesigns

Guest
Dear all,

I am running Plesk 7.5.2 on CentOS 3.4, and i am a little worried about my server being an open relay.

After doing some tests on http://www.abuse.net/relay.html, my Plesk server fails each time at test 6. However, my other Postfix mail server goes right through and finishes the test, passing all the tests successfully.

I have SMTP authentication and POP3 lock in enabled on the server, but other than that it should be closed to relaying. I haven't added anything to my black or white lists, so both those should be ok.

Does anyone know if this is a feature of qmail, and essentially this is ok? It's quite a worry as i obviously don't want the server to become black listed. Is there any way i can secure up the server and make it pass all of the tests - that would at least limit my chances of being placed on a black list.

We had a big SPAM attack yesterday, where numerous e-mails left our server for the rest of the world. However i believe this was caused by a legitimate connection from a virused PC. It is still worrying.

Any thoughts on whether this is an open relay would be much apprechiated,

Nick
 
I am having the exact same problem.

Virgin 7.52 install on FC2 with additional ART gmail-scanner, clamav and spamassassin 3.02 installed.

Now I'm starting to get paranoid.

Ian
 
I have noticed that qmail on a plesk server fails at test 9 which is a percent hack test. I am recieving the emails from the dummy account at abuse.net when they use the percent hack to relay through the server. I have sent all test emails to plesk with a full discription of what i did but i have heard nothing back from them.

I was under the impression that qmail does not allow the percent hack unless you specifically tell it to through one of the control files or compile it in. If i run qmail-showctl it reports
percenthack: (Default.) The percent hack is not allowed.
but it is allowing it which tells me it was compiled in.

Can anyone else verify this? or am i just an idiot
 
I've noticed this test failed also, but a manual attempt to send with percent hack failed so I assume it got sucked up in a blackhole somewhere?
 
BTW, it is possible to configure domain in plesk to reject an email to non-existed users. In this case, you will never have a problems with test 6.
 
Originally posted by defencer
BTW, it is possible to configure domain in plesk to reject an email to non-existed users. In this case, you will never have a problems with test 6.
Click to expand...

How is this done? I wish to leave my catch all on but reject only specific email accounts. In sendmail all I had to do was add a line in its config. Any pointers.
 
In the domain | mail options prefs, you can specify to Reject, but this will nullify the use of any catch-all account. Currently it is not setup to allow you to specify a list of 'unknown' users, it is either 'on' or 'off' for the entire domain. So if you want to still use catch-all for 'domainxx.com', then you would leave the option pref set to forward to the catch-all account.
 
BTW,

Just thought I'd mention, Search is a really handy tool. These false positives regarding Qmail have been covered many times. I know it's easy to just post a New Topic right away, but a search or two up front can save people time....

Remember, many issues posted are actually not Plesk related. They certainly did not write the Qmail code...
 
Originally posted by BDMM
How is this done? I wish to leave my catch all on but reject only specific email accounts. In sendmail all I had to do was add a line in its config. Any pointers.
Click to expand...

If you want to reject a specific email accounts, then just create those empty email accounts. Or better create one such empty account and add aliases for it.
 
i've changed whitelist

from 127.0.0.0/8

to 127.0.0.0/32

all the rest is setted as standard plesk installation over RHEL 3 ES

the test has reported

Code: 
Hmmn, at first glance, host appeared to accept a message for relay.

but:
Code: 
If it is really an open relay, the test message will be delivered to you. If you do not receive the test message in your e-mail in the next few hours, it IS NOT an open relay.

i've done it 15min ago... and till now i havent received any email... :)
 
And you won't as long as the server has not been compromised. None of my servers (back to Plesk 6) through the most recent 7.5.3 has ever truly failed the test. False positives yes, that is to be expected from standard Qmail, this is not a Plesk specific issue. I have other Linux boxes with Qmail, but no Plesk and they do the same.
 
yeah i also got no spam.

but someone's spamming over my server... there were over 400 000 mails in outgoing queue, all of them bounced ;)
 
You must log in or register to reply here.

Similar threads

Alex Presland
Issue Emails forwarded by Plesk fail DKIM checks with certain attachments
2
Replies
21
Views
2K
Alex Presland
Alex Presland
P
Question Plesk Email Security Block list doesn't work
Replies
5
Views
934
Kaspar
K
J
Question Seeking Advice on Alternative Backup Solutions for Plesk
Replies
1
Views
342
pleskpanel
P
A
Issue All Websites Down and Plesk Panel Not Reachable After Restarting Nginx. Have SSH Access, Plesk Repair Not Working
Replies
16
Views
1K
Peter Debik
P
D
Issue please fix conflict with each other: MSMTP (relay only), Dovecot
Replies
10
Views
2K
davbod
D
Back
Top