Email Spoofing
Hi All,
Please help me, I can send email through telnet how to prevent this ?
I make this instruction but not work
- Removed -
So, when I open telnet end make this steps I can send email from any domain present on my server:
my system is: CENTOS 6.9 kvm [srv] WHM v68.0.38
telnet
ehlo example.com
mail from: info@localdomain.com
rcpt to: email@anydomain.com
data
Subject: My Telnet Test Email
Hello,
This is an email sent by using the telnet command.
Your friend,
Me
.
quit
my system is: CENTOS 6.9 kvm [srv] WHM v68.0.38
-
Yep! Now you know how SMTP works. 0 -
Yep! Now you know how SMTP works.
Thanks, But my question, how to disallow to send email through telnet (SMTP) without authentication ? This is my log, when I connect through telnet to my server and try to send email:May 20 18:26:47 srv dovecot: lmtp(8977): Connect from local May 20 18:26:47 srv dovecot: lmtp(mail@domain.com): msgid=: saved mail to INBOX.Junk May 20 18:26:48 srv dovecot: lmtp(8977): Disconnect from local: Successful quit May 20 18:27:11 srv dovecot: lmtp(8977): Connect from local May 20 18:27:12 srv dovecot: lmtp(to@domain.com): msgid=unspecified: saved mail to INBOX May 20 18:27:12 srv dovecot: lmtp(8977): Disconnect from local: Successful quit0 -
Hello @stronciy, It looks like you opened a support ticket for this topic (#9586143). Here's the response from one of our Technical Analysts: [QUOTE] Currently on your server, authentication is forced for outgoing messages. The example you provided, showed delivery to a local address (an incoming message). An outgoing message will have the following: ===== MAIL FROM: anymail@local-domain.tld RCPT TO: test@remote-domain.tld ===== This would force Exim to deliver a message to the remote mail server, which would require authentication, and be denied. If you set the 'RCPT TO:' value to a local address, then this is an incoming message, and will follow the normal delivery rules set in Exim.
Thank you.0
Please sign in to leave a comment.
Comments
3 comments