smtp auth only

Develop

Verified User
Joined
Jun 9, 2016
Messages
158
Location
Istanbul, TR
Hello,
I need to configure smtp only auth user.
Want to block user simply use: echo mail ("[email protected]" ,"Test Auth" , "Has send!",$headers);
I have disabled mail() func. both php version running php.ini but only this enough for security I don't know.

How to configure server only relay and userAuth
Regards.
 
Last edited:
Are you using Custombuild 2.0?
In that case I suggest disabling da-popb4smtp too if you've not done so already and use a new spamblocker exim.conf file.
https://help.directadmin.com/item.php?id=467

Next to that, you could use csf/lfd firewall and set:
SMTP_BLOCK = "1" (which only allows outgoing mail from root, exim and mailman)
SMTP_ALLOWLOCAL = "0" (which also blocks all mails originated by scripts)
SMTP_PORTS = "25,465,587" (read doc so you don't forget any ports)

Don't forget to restart csf/lfd afterwards.
 
Hello Richard,

https://help.directadmin.com/item.php?id=467 all steps has been done.

After SMTP_BLOCK = "1" if I set SMTP_PORTS = "25,465,587" with "465" accounts cant send any mail over smtp auth via yandex, gmail etc.
if set it SMTP_PORTS = "25,587" like this working.
And if I set SMTP_ALLOWLOCAL = "0" roundcube has an error connection (-1)

https://help.directadmin.com/item.php?id=461 after this steps roundcube has run again.

How to fix it that all getting complicated?

I want SMTP_BLOCK = "1" & SMTP_PORTS = "25,465,587" & connect smtp.yandex.net port 465 and other email providers... & SMTP_ALLOWLOCAL = "0" without roundcube error :rolleyes:

Regards
 
Last edited:
Hello Develop.

You need SMTP_ALLOWLOCAL=1 for Webmail indeed.

I guess in the case what you want to be able to do, your initial setup was correct. Disable php mail, using the new Spamblocker exim.conf files. I don't think a lot more can be done.
However I'm not familiar with the other smtp options in csf/lfd.

Maybe somebody else has some other improvement tips for you.
 
Hello zEitEr,

Thank you for solution.

- Great solution work like a charm. SMTP_ALLOWLOCAL = 0 work with roundcube and rainloop.

SMTP_BLOCK = "0"
SMTP_ALLOWLOCAL = "0"
SMTP_REDIRECT = "0"
SMTP_PORTS = "25,465,587"
SMTP_ALLOWUSER = "webapps"
SMTP_ALLOWGROUP = "mail,mailman"

Smtp_block still problem.

SMTP_BLOCK = 1 Tested! For yandex user = >On SSL 465 > Message could not be sent. Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

csf.conf

Allow incoming TCP ports
TCP_IN =
20,21,22,25,53,80,110,143,443,465,587,993,995,2222

Allow outgoing TCP ports
TCP_OUT =
20,21,22,25,53,80,110,113,443,465,587,993,995,2222

Allow incoming UDP ports
UDP_IN =
20,21,53

Allow outgoing UDP ports
To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT =
20,21,53,113,123
 
Last edited:
You can add trusted users into SMTP_ALLOWUSER, for example:

Code:
SMTP_ALLOWUSER = "webapps,userbob,usermark"

userbob and usermark are faked names of users. You should specify real ones.

 
Ok, I understand. Thanks a lot for help.

it's not possible be able to user allow only in httpdocs phpmailer script use relay for sent mail?
exmp: different server login, yandex, gamil etc.

Regards.
 
Last edited:
SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "0"
SMTP_REDIRECT = "1"
SMTP_PORTS = "25,465,587"
SMTP_ALLOWUSER = "webapps"
SMTP_ALLOWGROUP = "mail,mailman"

I set it SMTP_BLOCK = "1" & SMTP_REDIRECT = "1"

And phpmailer works now for local smtp auth! Not for gmail or yandex etc. There is any security problem?
 
Is it possible to connect over 465 ssl for gmail, yandex relay users?

Different than this: SMTP_ALLOWUSER = "webapps,userbob,usermark"
 
You could probably add those numerous IPs into allow list in csf.allow with a limit to connect to 465 outgoing.
 
Back
Top