Email send to me directly from my own server

[Tazmanian79]

Hi,

I'm on a VPS with Directadmin (latest version).

My mailserver is not an open relay. But when someone uses my mailserver (port 25) to send an email to a domain hosted on my server this email will be delivered.
Is there any setting or way around to deny this?

It can be done like this:
[pc] → telnet mail.***.com 25
220 srv1.***.com ESMTP Exim 4.72 Fri, 05 Oct 2012 09:54:56 +0200
HELO mydirectconnection.to.yourmailserver.com
250 srv1.***.com Hello ****.static.telenet.be [****]
MAIL FROM: ***@gmail.com
250 OK
RCPT TO: info@***.com
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Subject: een mail rechtstreeks via jouw mailserver
Gewoon om te bewijzen dat het toch kan

.
250 OK id=1TK2lg-0000O0-Qd
QUIT
221 srv1.***.com closing connection
Connection closed by foreign host

 

[zEitEr]

Hello,

Deny what exactly? Telnet? Sending emails to your email boxes or what?

 

[Tazmanian79]

Well to deny the following:

Direct contact to mail.myserver.com via port 25 to send a mail to a domain on my server.
As long as the domain isn't hosted on my server they are not able to send any mail.

Normally a user connects to the mailserver of there provider, and send a mail via there own mailserver.

Now everyone can 'login' on my mailserver and send a mail to an existing mailbox.

I'm not sure how I have to explain it wright.

 

[zEitEr]

Now everyone can 'login' on my mailserver and send a mail to an existing mailbox.

How do you know that? You might want to sent IP of your server with PM, and I'll check it myself for free. I'll try telnet to your server and try to send an email.

 

[Tazmanian79]

Check the first post. That's an output of a mail send from my own mailserver to an existing emailaccount.
Only works on port 25, not 587 because there you need authentication.

 

[zEitEr]

1. With default exim.conf nobody can send emails without a password.

2. You wrote that "everyone can", and I see only one message. So my question still remains, how do you know that "everyone can"?

Related:
http://help.directadmin.com/item.php?id=201

 

[nobaloney]

I believe the two of you are misunderstanding each other.

It's absolutely normal behavior for anyone to be able to use your mailserver to send email to an address hosted on your server.

The reason is simple.

The way mailservers send mail to each other is by using the SMTP protocol on port 25 to reach your server. Your MTA (in this case exim) will verify that the address is on the server and deliver it. Exim has no idea if the email is coming from another mailserver or a local desktop or laptop (using what we call an MUA (mail user agent), for example Outlook or Outlook Express, as long as it uses SMTP protocol and attempts to deliver your server on port 25.

If it didn't do that, then no one could send email to your server on port 25, not even another mail server.

I hope I've made this clear.

Jeff

 

[Tazmanian79]

Yes, that's what I meant. Thanks for explaining.