Why is my mail server an open relay?

[jez9999]

http://verify.abuse.net/relay.html

This site tells me, when I enter my domain name, that my mail server appears to be an open relay. In addition, when I register for abuse.net and try and get it to send an e-mail to me, that e-mail successfully arrives. This would suggest that my host is acting as an open relay!

As cPanel is what writes exim.conf (I make changes, they're liable to be overwritten), I'm guessing it's cPanel's responsibility to tighten this up. Why on earth is my host acting as an open relay? How can I stop it with cPanel?

[servertechs]

You need to check this with your hosting provider as cpanel server has open relay closed by default.

[cPanelDavidG]

Quote:

Originally Posted by jez9999

http://verify.abuse.net/relay.html

This site tells me, when I enter my domain name, that my mail server appears to be an open relay. In addition, when I register for abuse.net and try and get it to send an e-mail to me, that e-mail successfully arrives. This would suggest that my host is acting as an open relay!

As cPanel is what writes exim.conf (I make changes, they're liable to be overwritten), I'm guessing it's cPanel's responsibility to tighten this up. Why on earth is my host acting as an open relay? How can I stop it with cPanel?

cPanel/WHM does not natively support open relaying. However, if you are logged in successfully via POP3 or IMAP, the workstation you are connecting from is whitelisted for sending mail for 30 minutes, meaning SMTP authentication will not be required for sending email during that period of time. Many often mistake this for open relaying.

If this is not the scenario you are experiencing, I recommend you let our technical analysts take a look at your server as being an open relay can cause problems such as your server becoming blacklisted for sending spam.

[djmerlyn]

For the first time today, PCI failed me because port 25, port 465, and port 587 are open relays.

A month ago when I was scanned I didn't have any open relays.

If cpanel is not an open relay by default, then where should a cpanel user/operator check to make sure that indeed there is nothing wrong with the cpanel configuration and it is not an open relay?

Pretty tough to tell for sure when PCI fails you, but all available tests show it as being OK...surely McAfee can't be that faulty lol;
open relay test - Google Search

[britsenigma]

don't get me started with mcafee...

[djmerlyn]

Quote:

Originally Posted by britsenigma

don't get me started with mcafee...

I know huh, still begs the question who is right though

[Spiral]

Quote:

Originally Posted by britsenigma

don't get me started with mcafee...

Amen, brother!

To jez9999, there are about a million ways your server could be misconfigured or
possibly even compromised with abusive scripts that could lead to an open relay
type condition. Incidentally, your receiving mail from anyone is no test or
confirmation of any open relay. That question is only answered if non-authenticated
users from outside your server can send to destination also outside your server.

[kran]

Quote:

Originally Posted by Spiral

Amen, brother!

To jez9999, there are about a million ways your server could be misconfigured or
possibly even compromised with abusive scripts that could lead to an open relay
type condition. Incidentally, your receiving mail from anyone is no test or
confirmation of any open relay. That question is only answered if non-authenticated
users from outside your server can send to destination also outside your server.

All my servers went open Relay after I upgaded to Last Stable release.

[cPanelDavidG]

Quote:

Originally Posted by kran

All my servers went open Relay after I upgaded to Last Stable release.

By this statement, do you mean that your servers were reported as being an open relay or do you mean your servers actually are an open relay (anyone can send mail via your server without any authentication)?

[kran]

It was just my firewall (I upgrade Cpanel and the firewall) and it was giving me RELAY alerts after a successful authentication.