
SMTP: How do I protect my local domains from spammers?

LeandroG

Hi everyone,

I recently upgraded to Plesk 9.3 (thought it was the solution) but now I'm facing an escalating spam problem...

As long as the spammer knows an internal email account, he can send emails to all internal email accounts without knowing any password (and I have the SMTP Authentication option activated).

Here is an example...
Code:
telnet mail.domain.com 25
Trying aaa.bbb.ccc.ddd...
Connected to mail.domain.com.
Escape character is '^]'.
220 mail.domain.com ESMTP
HELO
250 mail.domain.com
MAIL FROM:<[email protected]>    
250 ok
RCPT TO:<[email protected]>
250 ok
DATA
354 go ahead
From:<[email protected]>
To:<[email protected]>
Subject: SPAMMER ATTACK!

SPAM TEXT

.
250 ok 1274302485 qp 21736

502 unimplemented (#5.5.1)
QUIT
221 mail.domain.com
Connection closed by foreign host.

And an email was received by the user2 account...

How can I protect my local domains from these attacks? Should I upgrade to 9.5?

Any help would be appreciated

TIA
Leandro
 
Hi IgorG,

Thanks for your quick answer.

I have the DomainKeys spam protection activated (both 'Allow signing outgoing mail' and 'Verify incoming mail').
But I didn't set SPF, especially because I need to send emails when I'm on the road (through smtps)... is there a good rule I can use for these cases?

But is this a qmail issue? Or do I have something wrong with my SMTP authentication?
I thought it was enough to activate the SMTP authentication...

Thanks
Leandro
 
Hi,
I discovered the same problem as LeandroG some time ago and did play with SPF already.
But I must say SPF is not working correctly.
I have Plesk 9.2.3 on Linux Debian and have activated SPF spam protection.
SPF checking mode is set to 4 (Reject if resolves to softfail)
When I connect via telnet from my home computer and try to pretend to send email from an address whose domain name has an SPF record with ~all at the end (so it should produce softfail), I still receive the email and the header states Neutral for the SPF check.
There are even more funny things...
Some domains don't have SPF. When I receive emails from such domains I have the following header in emails:
Received-SPF: none (no valid SPF record)
Spammers can easily use such domains to pass the SPF check, so I added an SPF guess rule:
v=spf1 +a +mx -all
As you see, it should hardfail if the IP does not correspond to the A record in DNS or to the MX record, but I still get emails. The only thing that changed by adding this guess rule is that emails now have a Neutral header for SPF.

Is there a fix/patch to change incorrect behavior of SPF in Plesk?
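
An added example, not part of the thread and not Plesk's or qmail's code: a minimal SPF evaluator that shows the results RFC 7208 evaluation gives for the cases in the post above (a record ending in `~all`, a domain with no record, and the guess rule `v=spf1 +a +mx -all`). The DNS table, domain names, addresses and the `should_reject` helper are constructed assumptions, and only the `ip4`, `a`, `mx` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed DNS data (documentation names and addresses, not from the thread).
DNS = {
    "softfail.example": {"TXT": "v=spf1 ip4:192.0.2.0/24 ~all",
                         "A": ["192.0.2.10"], "MX": ["mx.softfail.example"]},
    "mx.softfail.example": {"A": ["192.0.2.25"]},
    "norecord.example": {"A": ["198.51.100.5"], "MX": ["mx.norecord.example"]},
    "mx.norecord.example": {"A": ["198.51.100.25"]},
}
GUESS = "v=spf1 +a +mx -all"  # guess rule quoted in the post
RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def _addrs(name):
    return DNS.get(name, {}).get("A", [])

def _matches(mech, arg, domain, ip):
    if mech == "all":
        return True
    if mech == "ip4":
        return ip in ipaddress.ip_network(arg, strict=False)
    if mech == "a":
        return str(ip) in _addrs(arg or domain)
    if mech == "mx":
        hosts = DNS.get(arg or domain, {}).get("MX", [])
        return any(str(ip) in _addrs(h) for h in hosts)
    return False  # mechanisms outside this sketch never match

def check_spf(client_ip, domain, guess=None):
    """Return the SPF result for client_ip sending as domain."""
    record = DNS.get(domain, {}).get("TXT")
    if record is None:
        if guess is None:
            return "none"          # no record and no guess rule
        record = guess             # fall back to the local guess rule
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:            # skip the "v=spf1" tag
        qual = term[0] if term[0] in RESULT else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        if _matches(mech, arg, domain, ip):    # first match decides
            return RESULT[qual]
    return "neutral"  # nothing matched

def should_reject(result, reject_on=("fail", "softfail")):
    # Assumed policy modelling the "Reject if resolves to softfail" mode.
    return result in reject_on
```

A header of Neutral for a sender outside a `~all` record or outside the guess rule's A and MX addresses does not match what this evaluation returns, which makes the expected values useful as a regression check when testing a mail server's SPF filter.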
 