The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel and relay

Discussion in 'E-mail Discussions' started by PeterMcD, Jun 25, 2010.

  1. PeterMcD

    PeterMcD Registered

    Joined:
    Jun 25, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi

    I have been looking into how pop3 and smtp work etc due to a project I am currently working on. I was a bit surprised when I was able to send out as a relay but the server had the antirelayd enabled.

    On investigation I find that it allows you to relay if you have sent email while logged in within the last 30 minutes from that IP.

    For example the following log is from not long after I used my mail client:

    Code:
    220-flexiwebhost.flexiwebhost.com ESMTP Exim 4.69 #1 Fri, 25 Jun 2010 21:38:35 +
    0000
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    mail from:<testing@testing.com>
    250 OK
    rcpt to: <test@test.com>
    250 Accepted
    The following is after I renewed my connection IP:

    Code:
    220-flexiwebhost.flexiwebhost.com ESMTP Exim 4.69 #1 Fri, 25 Jun 2010 21:47:13 +
    0000
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    HELO petermcdonald.co.uk
    250 flexiwebhost.flexiwebhost.com Hello host.MYIP.range.btcentralpl
    us.com [MYIP]
    mail from:<testing@testing.com>
    250 OK
    rcpt to: <test@test.com>
    550-hostMYIP.range86-161.btcentralplus.com (petermcdonald.co.uk)
    550-[MYIP] is currently not permitted to relay through this server.
    550-Perhaps you have not logged into the pop/imap server in the last 30 minutes
    550 or do not have SMTP Authentication turned on in your email client.
    As you can see the first test allowed me to send using a relay while the 2nd did not. Assuming my testing is not flawed (please let me know if it is) is there any way to override this behaviour to completely disable relaying? Also (although I know this is not a cPanel issue) why is this behaviour the default behaviour? Just because someone can login to the server does nolt mean they should be able to relay and use the server to spoof emails etc.
     
  2. nxweb

    nxweb Active Member

    Joined:
    Oct 29, 2008
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    That is normal behavior. If you have POPPED in the last 30 minutes, you can SMTP as well.
     
  3. PeterMcD

    PeterMcD Registered

    Joined:
    Jun 25, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    The problem is not that i can send email without logging in. The problem is that I can send email spoofing any email I like.

    Surely this is a bit of a security risk. By all means they would need a username and password but just because they have those does not mean they should be able to send emails pretending to be Google, Microsoft or any other company.

    Just because they have a username and password does not mean they should be trusted.

    The only saving grace is that as the SPF record does not match the email gets flagged as spam at the recipient end if they make use of SPF records.
     
    #3 PeterMcD, Jun 27, 2010
    Last edited: Jun 27, 2010
  4. PeterMcD

    PeterMcD Registered

    Joined:
    Jun 25, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Ok have been advised by support that the behaviour can be disabled by disabling Antirelayd.

    The options name is a bit of a misnomer. Why would enabling something called Anti Relay allow people to relay through the server?
     
Loading...

Share This Page