Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Prevent relaying

Discussion in 'E-mail Discussion' started by maquinadigital, Dec 26, 2011.

  1. maquinadigital

    maquinadigital Well-Known Member

    Joined:
    Aug 10, 2006
    Messages:
    52
    Likes Received:
    1
    Trophy Points:
    158
    cPanel Access Level:
    DataCenter Provider
    greetings,

    I have a small problem with some clients. They are my clients for some domains, use POP3, SMTP, etc, but, at the same time, are clients for other companies but use my server as SMTP server.

    So, my question is, how can I prevent the use of my SMTP server from hosts that are being relayed by tailwatchd, and, of course, correctly relayed. Is there some way to relay only localdomains?

    This rule has to come before the /etc/relayhosts rule, of course.

    Best regards and a Happy 2012!
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    IPs can only be listed in /etc/relayhosts file if they have authenticated first. This means that the user has to have already authenticated to be in that file. You can always disable antirelayd from allowing POP3 before SMTP authentication if you only want to allow SMTP authentication directly. WHM > Service Manager has antirelayd listed, which could be unchecked there for a service.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. maquinadigital

    maquinadigital Well-Known Member

    Joined:
    Aug 10, 2006
    Messages:
    52
    Likes Received:
    1
    Trophy Points:
    158
    cPanel Access Level:
    DataCenter Provider
    Yes, they have autenticated because they are our clients.

    The problem is that they have domain1.com in our servers but they are using them to send emails from domain2.com also and, domain2.com are not hosted in our servers.
    I want to prevent that.

    Forcing all users to use SMTP authentication now it's almost impossible.

    The only solution would be to customize EXIM to deny domains not listed in /etc/localdomains BEFORE the rule that relays every IP in /etc/relayhosts.

    Would you agree with that or are your seeing any other way?
     
  4. maquinadigital

    maquinadigital Well-Known Member

    Joined:
    Aug 10, 2006
    Messages:
    52
    Likes Received:
    1
    Trophy Points:
    158
    cPanel Access Level:
    DataCenter Provider
    By the way, I used to use ASSP and it allowed that. Unfortunatly, I had major problems regarding performance with large emails and had to leave ASSP.
     
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    32
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    460
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    If you are experiencing spoofing for your email accounts then it is recommended to have enabled spf records for your domains.
    Though it will not prevent email forgery but it will help you to trace the spammers easily.
    Also make sure to reset/change password of all your email accounts. If any one of your email account got hacked, spammers can easily send spams/spoffed emails through it :p
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice