Domain is sending spam when Allow scripts and users to use Sendmail option is disabled and Outgoing Mail Control is enabled.

Created:

2016-11-16 13:17:04 UTC

Modified:

2017-08-16 16:05:18 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Domain is sending spam when Allow scripts and users to use Sendmail option is disabled and Outgoing Mail Control is enabled.

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk 11.x for Linux
  • Plesk 12.0 for Linux

Symptoms

  • Domain is sending spam emails with enabled Outgoing Mail Control and disabled "Allow scripts and users to use Sendmail"
  • Mails sent from scripts are not presented in the Postfix mail queue

Cause

Spam is sent directly to recipients via SMTP protocol or via other mail server acting as open relay.

Resolution

Disable scripts to send mail to non-local server via SMTP with firewall.Create an iptables rule with owner match to pass SMTP traffic only from a postfix and root users.
The following sample rule will block outgoing SMTP traffic not from postfix to non-local server IP addresses.

# iptables -I OUTPUT  -p tcp --dport 25 -m owner ! --gid-owner mail ! -d <your_server_ip_addresses> -j REJECT

Additional details could be obtained in a iptables manual or in iptables tutorial

Otherwise, to mitigate the risk, you should remove 127.0.0.1 from whitelist and enforce SMTP authentication.

Have more questions? Submit a request
Please sign in to leave a comment.