1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

SMTP Server no authentication needed!!!

Discussion in 'Plesk for Linux - 8.x and Older' started by loopy, Oct 18, 2006.

  1. loopy

    loopy Guest

    Dear all,

    I'm having a big security hole on my plesk server and I'd like to know if anyone else has this issue before I'm going to contact Swsoft.

    I can use ANY smtp-server from my customers without ANY authentication. Mails will just be send :mad:

    On the server-side smtp-authentication is set.
    But this has no effect to the mail-accounts for the domains.

    Tested with Outlook (just added the smtp server, no authentication, no pass set) and several domains of my customers.

    Plesk 8.0.1 is installed.

  2. pdreissen

    pdreissen Guest

    Are you sending mail to Domains which you have configured in plesk ? If yes, than it is no problem.

    If you are sending to domains which aren't configured in plesk, then you need to check the setting under:

    Server - Mail - Relaying

    Set it to authentication required ( you can optional set the smtp or pop3 auth)

    If that still doesn't work, please post the /etc/xinit.d/smtp_psa content here!
  3. loopy

    loopy Guest

    Hello Pascal,

    - Server is set to authentication required (for POP3 and SMTP).

    - I have no IPs/Networks in white list on the "Server->Mail->White List" in Plesk CP (only, which is needed to allow mail sending from Webmail).

    - SMTP is served by Plesk Qmail
    I can send mails to everybody, not only to domains which are configured in Plesk.
    I have no clue where's the problem :confused:

    Anyway, here is my smtp_psa

    I already went through the knowledgebase and found the following articles regarding this issue (if anyone has the same problem).
    Anyway, it didn't fix my problem.

    Knowledgebase articles

    - Article ID #1394
    Everyone can send mail from the server without authorization, I think that relaying is opened on my server, how can I stop it?

    - Article ID #1387
    How can I check that SMTP Plesk service is running OK on the server?

    - Article ID #766
    The server is overloaded with SPAM. There are many messages in queue. Mail is delivered slowly.
  4. loopy

    loopy Guest

    Authentication works again, please don't ask me what was the problem.

    I decided to reboot the server in the night and that was it then.
    Works again as it should :)
  5. flaccid

    flaccid Guest