
Qmail SMTP Relay

igareth

Guest
Hello,

After updating our server, I noticed we had hundreds of spam email messages in the queue. An account had been hacked, so I altered the password, and it stopped it. We have SMTP AUTH on.

The messages were from a different address to that of the account. I had a feeling that before going to 11.x, even with SMTP Auth, qmail would only send with hosted domains - was I wrong?

Can qmail be set up to limit relay via SMTP Auth to only hosted domains?

Thanks for any help.
 
Ideally when you have enabled SMTP authentication it means that ONLY those domains authenticated with an email address and password hosted on your server can send email through SMTP on your server.

So, if that is not what is happening, check the following:

1. Make sure you have enabled SPF in email settings. This will cut down on the spammers that pretend to be you when sometimes it's not you sending email.

2. Make sure the email is not coming from a compromised form on any of the hosted domain names.

3. And of course ensure you have closed relays.
 
When someone successfully does an SMTP auth, they can send email "From:" any domain they want - the "From:" doesn't get looked at.

This isn't so bad really. If the bad guys get credentials to authenticate, it makes little difference who the "From:" is. In fact it is better that it isn't "From:" the user in question, as otherwise they would be deluged with bounces and it could cause a load issue on the server.

There are undoubtedly several situations where a restriction would be of benefit, of course. One that I can think of is a customer calling you to say they are getting lots of bounces, which might help you notice a spamming run sooner than otherwise, I suppose.

Rate-limiting smtp might be a good thing to do and would help here. I've not done it myself as I use qmail, but I understand that postfix's anvil features rate limiting.
 
For QMail you can try the following:

1. Recipients Limits

vi /var/qmail/control/maxrcpt

Then set your own number, e.g. 50

Then: /etc/init.d/qmail restart

2. Stopping QMail Double Bounces

vi /var/qmail/control/doublebounceto

and add '#' in that file. NB: only #
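
The checks discussed in this thread (sender address differing from the authenticated account, sender domain not hosted on the server, and a per-account rate limit), as an added example that is not part of any post and is not qmail or Plesk code. The record shape, the function names, the 60-second window and the sample data are assumptions of the example; the login is assumed to be the full mailbox address.

```python
from collections import defaultdict, deque

def domain_of(address):
    """Return the lower-cased domain part of an address ('' if none)."""
    return address.rpartition("@")[2].lower() if "@" in address else ""

def audit_submissions(events, hosted_domains, max_rcpts=50, window=60):
    """Flag authenticated submissions that look like a hijacked mailbox.

    events: iterable of (unix_time, auth_login, envelope_sender, rcpt_count),
            sorted by time. This record shape is an assumption of the example;
            fill it from whatever your SMTP logs actually provide.
    Returns {auth_login: set of reasons}.
    """
    hosted = {d.lower() for d in hosted_domains}
    recent = defaultdict(deque)      # login -> (time, rcpt_count) inside window
    findings = defaultdict(set)
    for when, login, sender, rcpts in events:
        if domain_of(sender) not in hosted:
            findings[login].add("sender-domain-not-hosted")
        elif sender.lower() != login.lower():
            findings[login].add("sender-differs-from-login")
        q = recent[login]
        q.append((when, rcpts))
        while q and q[0][0] <= when - window:   # drop entries older than window
            q.popleft()
        if sum(n for _, n in q) > max_rcpts:
            findings[login].add("rate-exceeded")
    return dict(findings)

# Constructed sample data (not taken from a real server).
HOSTED = ["example.com", "example.org"]
SAMPLE = [
    (1000, "alice@example.com", "alice@example.com", 2),
    (1005, "bob@example.org", "promo@unrelated.test", 40),
    (1010, "bob@example.org", "offers@unrelated.test", 40),
    (1020, "carol@example.com", "sales@example.com", 1),
    (1200, "alice@example.com", "alice@example.com", 3),
]

if __name__ == "__main__":
    for login, reasons in audit_submissions(SAMPLE, HOSTED).items():
        print(login, sorted(reasons))
```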
 