Everyone can send mail from the server without authorization. I think that relaying is opened on my server. How can I stop it?
To check if your server is really acting as an open relay try to connect to it from another server and send a message to an external email address:
# telnet <YOUR_SERVER_IP> 25
Connected to <YOUR_SERVER_IP>.
Escape character is '^]'.
220 hostname ESMTP Postfix
mail from: firstname.lastname@example.org
250 2.1.0 Ok
rcpt to: email@example.com
554 5.7.1 <firstname.lastname@example.org>: Relay access denied
If you see an output similar to the one shown above, your server is not an open relay. Otherwise, if you see a reply like
250 2.1.5 Ok , then your server is indeed acting as an open relay and you need to proceed to the resolution part below.
Note: When sending messages to an email address hosted on the same server authorization is usually not required, and such behavior is not considered as an open relay. The same applies to sending messages locally from the server.
If you find that your server is acting as an open relay, please check the following:
- Go to Tools & Settings -> Mail Server Settings and check the relaying setting in the server-wide mail preferences:
It should be set authorization is required .
- On the same page check the white list and make sure that there are no unwanted IPs/networks. By default, the list should contain only
::1 / 128. This record means that authorization is required for all IPs except
::1 / 128. That allows mail to be sent via Webmail.
However, if you wanted to add more security, whitelist should be cleaned, webmail configured for SMTP authentication. Afterwards all scripts which is not support SMTP authentication will stop working, usually maliscious scripts not able to do SMTP authentication.
- Check if this article can fix your issue:
6114 [Info] Parallels Plesk Panel is overloaded with spam messages because it works as open relay
Check that the SMTP is served by Qmail (or Postfix starting from Plesk v. 9), but not by another software (see this article: 1837 ).
If the server has been acting as an open relay for a long time, it is probably flooded with SPAM. Check how many messages there are in the queue using " $QMAIL\_ROOT\_D /bin/qmail-qstat". If the queue contains too many messages, see this article .