Stop Mail Relay
example.com is a domain in my server. While testing using telnet, I can see example.com is open for relay and anyone can send mail from example.com without any authentication. How can we stop this?
Please see following test I have done.
# telnet mail.example.com 25
Trying 10.10.10.10 ...
Connected to mail.example.com.
Escape character is '^]'.
220-mailserver.example.com ESMTP Exim 4.92 #2 Sat, 28 Sep 2019 06:46:11 -0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
HELO any.name.com
250 mailserver.example.com Hello any.name.com [1.2.3.4]
MAIL From:
250 OK
RCPT to:
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
From:
To:
Subject: hello
.
250 OK id=1iEAFE-0002EJ-J2
QUIT
221 mailserver.example.com closing connection
Connection closed by foreign host.
-
Did you do that locally within the server or you used telnet remotely? If local, try using a remote connection to relay. 0 -
I have tried this remotely. I have tried from many remote locations and all of them worked 0 -
Can you PM me the server IP? cPanel by default does not act as an open relay. 0 -
example.com is a domain in my server. While testing using telnet, I can see example.com is open for relay and anyone can send mail from example.com without any authentication. How can we stop this? Please see following test I have done.
# telnet mail.example.com 25 Trying 10.10.10.10 ... Connected to mail.example.com. Escape character is '^]'. 220-mailserver.example.com ESMTP Exim 4.92 #2 Sat, 28 Sep 2019 06:46:11 -0400 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. HELO any.name.com 250 mailserver.example.com Hello any.name.com [1.2.3.4] MAIL From: 250 OK RCPT to: 250 Accepted DATA 354 Enter message, ending with "." on a line by itself From: To: Subject: hello . 250 OK id=1iEAFE-0002EJ-J2 QUIT 221 mailserver.example.com closing connection Connection closed by foreign host.
As far as I understand you are not relaying email, you are connecting to mailserver.example.com and sending mail to mail@example.com, which is in the same server. You don't need to authenticate to do that.0 -
An open relay is defined as the following: An open relay (sometimes called an insecure relay or a third-party relay) is an SMTP e-mail server that allows third-party relay of e-mail messages. By processing mail that is neither for nor from a local user, an open relay makes it possible for an unscrupulous sender to route large volumes of spam. So in order to be a relay your server needs to relay mail for domains that are not on the server. The proper test for this would be to do something like following: $ telnet server.myserver.us 25 Trying ... Connected to server.myserver.us. Escape character is '^]'. 220-server.myserver.us ESMTP Exim 4.92 #2 Fri, 04 Oct 2019 11:37:51 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. EHLO cpanel.net 250-server.myserver.us Hello cpanel.net [] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-STARTTLS 250 HELP MAIL FROM: junk@junk.com 250 OK RCPT TO: junk@morejunk.com 550-Please turn on SMTP Authentication in your mail client. 550-hou-2.nat.myoffice.net (cpanel.net) []:35293 is not permitted 550 to relay through this server without authentication.
Where neither the MAIL FROM: or RCPT TO: domains exist on the server. You can also use some tools that exist if you'd like to skip having to use telnet, mxtoolbox makes a really reliable Open Relay test which can be found here:0
Please sign in to leave a comment.
Comments
5 comments