
Plesk domains can submit emails through unauthenticated SMTP

TeunieP

Basic Pleskian
I am being plagued by unknown PHP scripts on infected domains that are sending spam out.
After finally having removed these scripts I want to prevent this from happening again.

My Plesk email settings are already set at enable message submission (secure port 587 TLS and working fine with authentication) and authorisation required for SMTP relaying.
Also I am in the process of blocking PHP MAIL function on individual domains.

When I use TELNET to connect to my Plesk server over the internet I cannot relay to external domains without authenticating. So this is working fine.

However when CMS software like Prestashop or Joomla is used in one of the Plesk domains, they can set their email function to SMTP port 25 and send mails OUT to EXTERNAL addresses without authenticating...
This is UNWANTED behavior.

So in short, I would like to block ALL UNAUTHENTICATED outgoing emails originating from within one of my Plesk domains.
Domain users should only be able to send mails when they authenticate with valid mailbox name and password.

How can I achieve this using Plesk 10.4.4?

Note:
When unauthenticated SMTP is used it shows "X-No-Auth: unauthenticated sender" in the email header.
So Postfix does somehow note that the sender is not authenticated but does not block sending.
 
Well, I removed "permit_mynetworks" for variable smtpd_recipient_restrictions in /etc/postfix/main.cf and restarted postfix.
This seems to have solved my issue.
Now unauthenticated SMTP can only send to domains residing within the Plesk server and relaying to outside email domains is prohibited.

Also added to main.cf for security reasons (for anyone interested):
smtpd_client_connection_count_limit = 20
smtpd_sasl_authenticated_header = yes
maximal_queue_lifetime = 1d

Now I only have to find a way to block sendmail php scripts...
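
An added example, not part of the original posts: a small audit that reads a main.cf and reports whether permit_mynetworks still comes before reject_unauth_destination in smtpd_recipient_restrictions, which is the condition the change above removed. The two main.cf fragments are constructed samples, the function names are hypothetical, and only smtpd_recipient_restrictions is inspected, as in the thread.

```python
import re

# Constructed main.cf fragments (not the poster's real file): the first has the
# rule the thread removed, the second reflects the state after the change.
BEFORE = """\
mynetworks = 127.0.0.0/8
smtpd_recipient_restrictions = permit_mynetworks,
    # comment lines do not end a continuation
    permit_sasl_authenticated,
    reject_unauth_destination
"""
AFTER = """\
mynetworks = 127.0.0.0/8
smtpd_recipient_restrictions = permit_sasl_authenticated,
    reject_unauth_destination
smtpd_sasl_authenticated_header = yes
"""

def parse_main_cf(text):
    """Map parameter -> value; a line starting with whitespace continues the previous one."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and current:
            params[current] += " " + line.strip()
        elif "=" in line:
            current, value = (part.strip() for part in line.split("=", 1))
            params[current] = value  # a later definition overrides an earlier one
    return params

def unauth_relay_findings(text):
    """List reasons why an unauthenticated client could relay to external domains."""
    params = parse_main_cf(text)
    raw = params.get("smtpd_recipient_restrictions", "")
    rules = [r for r in re.split(r"[,\s]+", raw) if r]
    # Rules are evaluated left to right, so only what comes before
    # reject_unauth_destination can let a relay attempt through.
    has_reject = "reject_unauth_destination" in rules
    before_reject = rules[:rules.index("reject_unauth_destination")] if has_reject else rules
    findings = []
    if not has_reject:
        findings.append("reject_unauth_destination is missing")
    if "permit_mynetworks" in before_reject:
        nets = params.get("mynetworks", "(not set in this file)")
        findings.append("permit_mynetworks precedes reject_unauth_destination; "
                        "hosts in mynetworks [%s] relay without SASL auth" % nets)
    return findings

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        print(name, unauth_relay_findings(conf) or "no unauthenticated relay path found")
```

To check a live server, pass the contents of /etc/postfix/main.cf to unauth_relay_findings instead of the samples.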