The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

smtplib / SECURITY PROBLEM

Discussion in 'E-mail Discussions' started by netlook, Jun 28, 2004.

  1. netlook

    netlook Well-Known Member
    PartnerNOC

    Joined:
    Mar 25, 2004
    Messages:
    335
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    This is my test:

    I attempt do connect by Phyton interpreter with my serwer: mail.mydomain.com

    >>> import smtplib
    >>> s = smtplib.SMTP('mail.aplus.pl')
    >>> s.sendmail('From: MYDOMAIN <info@mydomain.com>','To: HIM <him@him.com>','From: MYDOMAIN <info@mydomain.com>\nSubject: Support')

    In few seconds Ive recived a message from info@mydomain.com on my box: him@him.com

    I didnt wrote a password to SMTP or something, how to secure this to prevent users who know Phyton sending mails from my server without authorization?
     
  2. techark

    techark Well-Known Member

    Joined:
    May 22, 2002
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    Your IP is cached and listed as a authorized user, try the same test from a different IP address that has never been used to send mail from the server and see if it works.
     
  3. netlook

    netlook Well-Known Member
    PartnerNOC

    Joined:
    Mar 25, 2004
    Messages:
    335
    Likes Received:
    0
    Trophy Points:
    16
    How to solve the problem, is there any way to delete those IP's form authorized lists?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    The antirelayd process controls POP before SMTP. The file that contains the IP addresses that can relayd for 30minutes after POPing is /etc/relayhosts
     
Loading...

Share This Page