1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

SMTP Issue

Discussion in 'Plesk for Linux - 8.x and Older' started by Ryan Sweeney, Apr 8, 2010.

  1. Ryan Sweeney

    Ryan Sweeney Guest

    0
     
    Hey Guys,

    Well it seems anyone can send mail thru Plesk servers to any domain that's hosted on the server...

    Umm this opens a bit of a security hole...

    How does one block this... so only authenticated users can send thru server

    Yeah i have SMTP and POP3 ticked under mail relay in Server-> Mail

    Thanks
    Ryan
     
  2. Faris Raouf

    Faris Raouf Silver Pleskian Plesk Guru

    31
    30%
    Joined:
    Mar 15, 2009
    Messages:
    667
    Likes Received:
    17
    I'm afraid I don't understand your problem. I suspect I have misunderstood, or maybe there was a typing error in your message?

    You said:
    As long as it is only to any domain hosted on your server (and not to any external domain) then this is how email is supposed to work. Specifically, to make email work at all anyone at all MUST be allowed to connect on port 25 and be allowed to send email to any domain on your server. If this was not the case then it would be impossible for any external email to be delivered to your domains's mailboxes.

    But igniring that, if you really and truly only want authenticated users to be able to deliver email to your mailboxes on your server then you could block port 25 using a firewall. This would stop all external email from arriving at your server. Then you would enable the submission port (via the Plesk control panel), which works on port 587 and ONLY allows authenticated users to send email, and ask all your users to change their email programs to use port 587 instead of 25.

    Faris.
     
Loading...