The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

*REQUIRE* SMTP auth?

Discussion in 'E-mail Discussions' started by jez9999, Apr 18, 2006.

  1. jez9999

    jez9999 Well-Known Member

    Joined:
    Jun 10, 2005
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    How do I make my cPanel server *REQUIRE* SMTP authentication to send e-mails? I don't even want to allow POP-before-SMTP. You MUST use SMTP auto to send or it won't send.
     
  2. dave9000

    dave9000 Well-Known Member

    Joined:
    Apr 7, 2003
    Messages:
    891
    Likes Received:
    1
    Trophy Points:
    16
    Location:
    arkansas
    cPanel Access Level:
    Root Administrator
    Not for sure on this but I believe you can shutdown authrelayd and this will stop the pop before smtp and should require authenication before smtp will accept mail

    Chirpy will be online later tonight and he should be able to verify this or supply another way to handle it
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yup. You need to disable both check boxes in WHM > Service Manager > for antirelayd and then check that antirelayd is stopped. If not, just restart exim.
     
  4. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    After following Chirpy's suggestion, I would also check (and clear out) any values in /etc/relayhosts and /etc/relayhostsusers which are updated when POP-before-SMTP is active.
     
  5. jez9999

    jez9999 Well-Known Member

    Joined:
    Jun 10, 2005
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    Thanks. It seems to be requiring SMTP auth now. I think the values in /etc/relayhosts and /etc/relayhostsuers were causing it to still accept POP before auth, as they stay even after the daemon is killed.
     
  6. dave9000

    dave9000 Well-Known Member

    Joined:
    Apr 7, 2003
    Messages:
    891
    Likes Received:
    1
    Trophy Points:
    16
    Location:
    arkansas
    cPanel Access Level:
    Root Administrator
    Glad ya got it :)

    Have a good weekend
     
  7. gemininetcom

    gemininetcom Active Member

    Joined:
    Nov 29, 2003
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Jonathan,

    I experience same situation, i.e. SMTP does not seem to require authentication from e-mail client while relaying. I cleared 2 boxes in WHM > Service Manager > for antirelayd and also cleared files /etc/relayhosts and /etc/relayhostsusers of old entries. Restarted exim, but still same problem that SMTP does not require authentication from e-mail client. Any suggestions?
     
  8. mairj23

    mairj23 Member

    Joined:
    Jul 2, 2005
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    same probelm I restart exim trough WHM:
    Waiting for exim to restart.... . . . . . . . . . . finished.

    exim status

    mailnull 23076 0.0 0.2 7900 5452 ? S 15:01 0:00 eximstats
    mailnull 4057 0.0 0.0 7320 1124 ? Ss 21:23 0:00 /usr/sbin/exim -bd -q60m
    mailnull 4065 0.0 0.0 7320 1048 ? Ss 21:23 0:00 /usr/sbin/exim -tls-on-connect -bd -oX 465
    mailnull 4143 0.0 0.1 10292 2296 ? S 21:24 0:00 /usr/sbin/exim -odi -Mc 1GmFgP-00014U-WF
    antirelayd is disabled

    Service: [exim] has been disabled by the sys admin

    but nothing change.
     
  9. jez9999

    jez9999 Well-Known Member

    Joined:
    Jun 10, 2005
    Messages:
    87
    Likes Received:
    0
    Trophy Points:
    6
    Darnit. I once again have to report I'm also having the same problem as above. I've moved to a new dedicated server, have unchecked 'antirelayd' in WHM service manager, cleaned /etc/relayhosts and /etc/relayhostsusers and rebooted the machine. It STILL lets me send SMTP mail even though the wrong password is entered. ARGHHH!

    Why is the system so damn keen to send mail via SMTP? I WANT TO REQUIRE AUTHENTICATION, damnit!!!
     
  10. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    did you restart Exim to make sure the antirelayd isn't running ??

    Mickalo
     
  11. The WebDruid

    The WebDruid Member

    Joined:
    Sep 1, 2006
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    I've ticked the boxes, emptied /etc/relayhostsusers and /etc/relayhosts, and restarted Exim. Authentication is still not required on my SMTP.

    What can be done?


    Thanks,

    Andrew
     
  12. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    On my system there is an empty file called antirelayddisable in the /etc directory. Does this exist on your system? If not ...

    1) Create the file: touch /etc/antirelayddisable
    2) Restart Exim via /scripts/restartsrv_exim
    3) After the restart, empty /etc/relayhostsusers and /etc/relayhosts.
    4) Test

    Hope this helps.
     
  13. Onyx

    Onyx Member

    Joined:
    May 28, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Thank you all for these steps. I am, like Andrew, still suffering from an open SMTP server. I followed all suggestions on this thread, including disabling the antirelay process and cleaning out the /etc/relayhosts* files. Exim has been restarted this way and that, and I have confirmed that antirelay is not running.

    Still, I can easily send out email through the server without any authentication. I assume this is because the POP-before-SMTP conditions have been met, but why is that still in effect after I've cleared everything out and restarted? Any ideas on how to really require SMTP authentication?
     
  14. cnd_rex

    cnd_rex Registered

    Joined:
    Oct 17, 2005
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I'm suffering from this same problem and can not find any answers. I have antirelayd off in WHM, no instances of it running. I have cleared both /etc/relayhostsusers and /etc/relayhosts as well as forced eximup...

    I am at a loss and was wondering if anyone might have any further ideas/suggestions/help.

    Thanks!
     
  15. cnd_rex

    cnd_rex Registered

    Joined:
    Oct 17, 2005
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
  16. NirvClub

    NirvClub Member

    Joined:
    Jan 24, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    doesn't anyone know how to prevent the fact that anyone can use your server's SMTP to potentially send spam? Getting solid information about Exim is almost possible.
     
    #16 NirvClub, Feb 20, 2007
    Last edited by a moderator: Feb 22, 2007
  17. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    What makes you think that anyone can use your exim configuration to send spam? The default cPanel configuration of it certainly doesn't. There's extensive documentation for exim over at www.exim.org - more than I've seen for any MTA.
     
Loading...

Share This Page