Closed tiberios1 closed 1 year ago
I doubt that. Please check the instance using https://mxtoolbox.com/diagnostic.aspx and report the results here. My personal instance is not an open relay.
I‘ve just tested with http://www.aupads.org/test-relay.html, which gives more details. Your test result with it would be helpful.
did you made configuration changes aside from the documented possibilities? First thing I thought of is trusted networks. Have you changed its value?
given that the second test says that your host is an open relay, you should consider turning the service off as long as the issue is not solved.
I would suspect a configuration issue, also. Running the tests against my deployment looks OK, I get:
and from the aupads test:
from audpads -
You mentioned trusted networks - where is that setting? I don't believe I've changed it. I have set a relayhost as I want my outgoing mail to go via my ISPs mailserver currently.... Not sure if that would make a difference.
In the mean time, I've blocked port 25 on my firewall to all but my antispam service (which all my inbound mail should go through anyway)
I think I might have worked this out.... I use shorewall on the same machine that runs the docker containers. I specifically opened up port 25 to the host, but it looks like I didn't need to do that and by doing it, I ended up making it an open relay. Not sure I understand exactly what happened but removing the manual rules I put in for port 25 seems to have fixed it.
If your firewall rule applied source-nat (made the source address appear to be from the local host instead of an external host) that would make the connection match the trusted networks rule, which would result in an open relay. It might also be referred to as a hairpin route or similar.
Thank you both for clarification! I'll close this. :)
Is your feature request related to a problem? Please describe. When sending emails via my phone, I don't need to login to the mailserver. This allows anyone who knows of the server to send emails via it, if only as specific (but unauthenticated) users
Describe the solution you'd like Users should need to login to the mail server to send emails.
Describe alternatives you've considered N/A
Additional context None