
SMTP Authentication?

Jason_I_Am

Guest
Hi.

Overnight, one of my e-mail addresses has received 400 SPAM e-mails!

I've checked the server to see if relaying was the problem, and I don't think it is. The Plesk option (Server->Mail->Relaying) is set to "authorization is required - SMTP".
I used various web services to verify, and I even installed mrt (Mail Relay Tester - http://www.monkeys.com/mrt/).
I've tried telnetting into the server and issuing various exploits, such as:

HELO servername
MAIL FROM:<[email protected]>
RCPT TO:<[email protected]>

I always receive the appropriate message about the host not being in the rcpthosts file.

So I believe everything is secure (however if I'm wrong, please tell me! :))

The problem, as far as I can see, is that a spammer is able to send mail to any of my locally hosted domains without SMTP authentication.

When I telnet in and type:

HELO servername
MAIL FROM:<[email protected]>
RCPT TO:<[email protected]>

It sends with no problem. I guess it's because it's a locally hosted domain.

Is it possible to make SMTP authentication a prerequisite even for local users and domains? So basically, I want SMTP authentication as a requirement regardless of where the mail is being sent.
I've scoured the Plesk administration and can't find anything, but I may have overlooked something important.

As an aside question, I looked at the header for the message and it gives an "invoked by uid" ID. I checked the passwd file for that ID and found it to be "POP3 service". Is that something to worry about? Does that mean the mails are being sent through POP3 somehow?

Any and all help would be very much appreciated :)
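
Added example, not part of the original post and not Plesk's or the mail server's own code: a simplified Python model of the rcpthosts check the post refers to, assuming qmail-style semantics (exact host, or a leading-dot entry matching subdomains). The function names and sample domains are constructed; the model shows that an unauthenticated session is refused for a foreign domain (relaying) but accepted for a hosted one (ordinary inbound delivery).

```python
# Simplified model of an rcpthosts-style RCPT TO decision (assumed
# qmail-style semantics). All domains are constructed sample values.

def load_rcpthosts(text):
    """Parse rcpthosts content: one host per line, case-insensitive."""
    return {ln.strip().lower() for ln in text.splitlines() if ln.strip()}

def domain_allowed(domain, rcpthosts):
    """Exact match, or a leading-dot entry covering any subdomain."""
    domain = domain.lower()
    if domain in rcpthosts:
        return True
    # ".example.net" covers mail.example.net but not example.net itself.
    parts = domain.split(".")
    return any("." + ".".join(parts[i:]) in rcpthosts
               for i in range(1, len(parts)))

def rcpt_decision(rcpt, rcpthosts, relay_client=False):
    """Return (smtp_code, reason) for one RCPT TO address.

    relay_client models a session that is allowed to relay, for
    example after SMTP authentication or from an allowed network.
    """
    if relay_client:
        return 250, "relay permitted for this session"
    _local, at, domain = rcpt.rpartition("@")
    if not at:
        return 250, "no domain part, treated as local"
    if domain_allowed(domain, rcpthosts):
        return 250, "inbound delivery to a hosted domain"
    return 553, "domain not in rcpthosts, relay refused"

# Constructed rcpthosts content for the demonstration.
SAMPLE_RCPTHOSTS = "example.com\n.example.net\n"

def demo():
    hosts = load_rcpthosts(SAMPLE_RCPTHOSTS)
    cases = [
        ("user@example.com", False),               # hosted, no auth
        ("user@mail.example.net", False),          # wildcard, no auth
        ("someone@elsewhere.example.org", False),  # foreign, no auth
        ("someone@elsewhere.example.org", True),   # foreign, relay allowed
    ]
    return [rcpt_decision(rcpt, hosts, auth)[0] for rcpt, auth in cases]

if __name__ == "__main__":
    print(demo())
```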
 