- Plesk 12.5 for Linux
- Plesk 11.0 for Linux
- Plesk 11.5 for Windows
- Plesk 11.5 for Linux
- Plesk 12.0 for Windows
- Plesk 12.0 for Linux
Everyone can send mail from the server without authorization. I think that relaying is opened on my server. How to stop it?
To check if the server is really acting as an open relay try to connect to it from another server and send a message to an external email address:
# telnet <YOUR_SERVER_IP> 25
Connected to <YOUR_SERVER_IP>.
Escape character is '^]'.
220 hostname ESMTP Postfix
mail from: email@example.com
250 2.1.0 Ok
rcpt to: firstname.lastname@example.org
554 5.7.1 <email@example.com>: Relay access denied
If you see an output similar to the one shown above, your server is not an open relay. Otherwise, if you see a reply like
250 2.1.5 Ok
, then the server, indeed, is acting as an open relay and you need to proceed to the resolution part below.
Note: When sending messages to an email address hosted on the same server authorization is usually not required, and such behavior is not considered as an open relay. The same applies to sending messages locally from the server.
If you find that your server is acting as an open relay, please check the following:
- Go to Tools & Settings -> Mail Server Settings and check the relaying setting in the server-wide mail preferences:
It should be set authorization is required .
On the same page check the white list and make sure that there are no unwanted IPs/networks. By default, the list should contain only
::1 / 128. This record means that authorization is required for all IPs except
::1 / 128. That allows mail to be sent via Webmail.
However, if you wanted to add more security, whitelist should be cleaned, webmail configured for SMTP authentication. Afterwards all scripts which is not support SMTP authentication will stop working, usually maliscious scripts not able to do SMTP authentication.
Check that the SMTP is served by Qmail (or Postfix starting from Plesk v. 9), but not by another software (see this article: 213414669 ).
If the server has been acting as an open relay for a long time, it is probably flooded with SPAM. Check how many messages there are in the queue using " $QMAIL\_ROOT\_D /bin/qmail-qstat". If the queue contains too many messages, see this article .