Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Exim bug, you can send email from "one" domain to the "same" domain without Auth.

Discussion in 'E-mail Discussion' started by mohamed_gaber, Oct 11, 2004.

  1. mohamed_gaber

    mohamed_gaber Member

    Mar 4, 2003
    Likes Received:
    Trophy Points:

    If you try to telnet to any Exim mail server :
    telnet 25

    Then you try to send email from "one" domain to the "same" domain on that "same" server, it will be routed successfully without Auth.

    I know that is not a serious problem, or considered an open relay, but still it can be inconvenient for some server admins.

    An Example illustrating that :
    C:> telnet 25 ESMTP Exim 4.43 #1 Mon, 11 Oct 2004 10:54:12 +0300
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    250 Reset OK
    250 Hello []
    mail from:<[email protected]>
    250 OK
    rcpt to:<[email protected]>
    250 Accepted
    354 Enter message, ending with "." on a line by itself
    from: [email protected]
    to: [email protected]
    subject: testttttttttttttt

    the body message
    250 OK id=1CGv1G-0000yP-S8
  2. chirpy

    chirpy Well-Known Member Verifed Vendor

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    That's how SMTP works and always has done, it's certainly not a bug in Exim. If you accept email to be delivered to a domain on your server, then you never require authentication when relaying to your server, no matter where it is from. You only require authentication when relaying through your server.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice