Author Topic: How to stop unauthorised email from via SMTP server?  (Read 74 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
How to stop unauthorised email from via SMTP server?
« on: October 13, 2019, 09:57:19 AM »
Hi,
We have CWP pro installed in our VPS. We have our mail server running on it too.

Lets assume the domain we are running is abc.com.my

Spammer is able to send email from peter@abc.com.my (this is a valid email id) to peter@adiss.com.my

https://www.wormly.com/test-smtp-server

shows below log.

Code: [Select]
[code][code][tt][tt][tt][font=comic sans ms][font=verdana][tt][font=courier][font=courier]Resolving hostname...
Connecting...
Connection: opening to server.abc.com.my:25, timeout=300, options=array (
               )
Connection: opened
SERVER -> CLIENT: 220 server.abc.com.my ESMTP Postfix
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-server.abc.com.my
               250-PIPELINING
               250-SIZE 204800000
               250-ETRN
               250-STARTTLS
               250-AUTH PLAIN LOGIN
               250-AUTH=PLAIN LOGIN
               250-ENHANCEDSTATUSCODES
               250-8BITMIME
               250 DSN
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-server.abc.com.my
               250-PIPELINING
               250-SIZE 204800000
               250-ETRN
               250-AUTH PLAIN LOGIN
               250-AUTH=PLAIN LOGIN
               250-ENHANCEDSTATUSCODES
               250-8BITMIME
               250 DSN
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 End data with .
CLIENT -> SERVER: Date: Sun, 13 Oct 2019 09:44:58 +0000
CLIENT -> SERVER: To: xxyz@abc.com.my
CLIENT -> SERVER: From: Wormly SMTP Test
CLIENT -> SERVER: Subject: Wormly SMTP Test Message
CLIENT -> SERVER: Message-ID:
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER:
CLIENT -> SERVER: This message was sent using the Wormly SMTP testing tool by this user:
CLIENT -> SERVER: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
CLIENT -> SERVER: 103.135.228.243
CLIENT -> SERVER:
CLIENT -> SERVER: .
SERVER -> CLIENT: 250 2.0.0 Ok: queued as 4D8B9630F8
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
Message completed successfully.[/font][/font][/tt][/font][/font][/tt][/tt][/tt]
[/code][/code]

As long as the user exists in the mail server it allows. if we used nonexistent user then we get below error.


Code: [Select]
[tt]Resolving hostname...
Connecting...
Connection: opening to server.abc.com.my:25, timeout=300, options=array (
               )
Connection: opened
SERVER -> CLIENT: 220 server.abc.com.my ESMTP Postfix
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-server.abc.com.my
               250-PIPELINING
               250-SIZE 204800000
               250-ETRN
               250-STARTTLS
               250-AUTH PLAIN LOGIN
               250-AUTH=PLAIN LOGIN
               250-ENHANCEDSTATUSCODES
               250-8BITMIME
               250 DSN
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-server.abc.com.my
               250-PIPELINING
               250-SIZE 204800000
               250-ETRN
               250-AUTH PLAIN LOGIN
               250-AUTH=PLAIN LOGIN
               250-ENHANCEDSTATUSCODES
               250-8BITMIME
               250 DSN
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table
SMTP ERROR: RCPT TO command failed: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
2019-10-13 09:49:16 SMTP Error: The following recipients failed: order@abc.com.my: : Recipient address rejected: User unknown in virtual mailbox table
Message sending failed.[/tt]



We want every email to be authenticated before sending out. What kind of setup or config is required for us?


Thanks in advance.
Tastebud