• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Qmail SMTP Relay

I

igareth

Guest
Hello,

After updating our server, I noticed we had hundreds of spam email message in the queue. An account had been hacked so I altered the password, and it stopped it. - we have SMTP AUTH on.

The messages were from a different address to of the account. I had a feeling that before going to 11.x that even with SMTP Auth, qmail would only send with hosted domains - was I wrong?

Can qmail be setup to limit relay via SMTP Auth to only hosted domains?

Thanks for any help.
 
Ideally when you have enabled SMTP authentication it means that ONLY those domains authenticated with an email address and password hosted on your server can send email through SMTP on your server.

So, if that is not what is happening, check the following:

1. Make sure you have enabled SPF in email settings .This will reduce on the spammers that pretend to be you when some times its not you sending email.

2. Make sure the email is not coming from a compromised form on any of the hosted domain names.

3. And ofcourse ensure you have closed rileys.
 
When someone successfully does an SMTP auth, they can send email "From:" any domain they want - the "From:" doesn't get looked at.

This isn't so bad really. If the bad guys get credentials to authenticate, it makes little difference who the "From:" is. In fact it is better that it isn't "From:" the user in question, as otherwise they would be deluged with bounces and it could cause a load issue on the server.

There are undoubtedly several situations where a restriction would be of benefit, of course. One that I can think of is a customer calling you to say they are getting lots of bounces, which might help you notice a spamming run sooner than otherwise, I suppose.

Rate-limiting smtp might be a good thing to do and would help here. I've not done it myself as I use qmail, but I understand that postfix's anvil features rate limiting.
 
For QMail you can try the following:

1. Recipients Limits

vi /var/qmail/control/maxrcpt

Then set your own number eg 50

Then: /etc/init.d/qmail restart

2. Stopping QMail Double Bounces

vi /var/qmail/control/doublebounceto

and add '#' in that file. NB: only #
 
You must log in or register to reply here.

Similar threads

S
Issue SMTP/Qmail stop working suddenly without any cause
Replies
3
Views
456
Stephen_Stephen
S
I
Question mails that get lost
Replies
7
Views
3K
Inma
I
M
Issue Can't open Port 25. Please help
Replies
2
Views
427
mhogue
M
M
Question limit access to email smtp via IP address.
Replies
2
Views
662
Kaspar
K
carlsson
Resolved Outgoing administrator mail not authorized [missing SPF record in sender domain]
Replies
11
Views
1K
rkbonatto
rkbonatto
Back
Top