Sending of disabled accounts, nonexistent accounts and without FROM

Discussion forum for Enterprise Edition.
menteinfinita
Posts: 18
Joined: Fri Mar 01, 2019 4:03 pm

Re: Sending of disabled accounts, nonexistent accounts and without FROM

Post by menteinfinita »

Do you know how I can avoid emails for the domain [qq.com]?

menteinfinita
Posts: 18
Joined: Fri Mar 01, 2019 4:03 pm

Re: Sending of disabled accounts, nonexistent accounts and without FROM

Post by menteinfinita »

Line 117779: 03/14/19 11:39:21 ME-IXXXX: [1960] An attempt to send as mail from ventas@midominio.com occurred but the sender did not authenticate and the IP address (125.125.46.214) is not defined as a local or privileged IP address. To allow this request, add the IP address to the Privileged IPs list under the SMTP|Relay properties.
Line 118047: 03/14/19 11:40:30 ME-IXXXX: [1688] An attempt to send as mail from ventas@midominio.com occurred but the sender did not authenticate and the IP address (220.175.144.131) is not defined as a local or privileged IP address. To allow this request, add the IP address to the Privileged IPs list under the SMTP|Relay properties.
Line 118320: 03/14/19 11:41:46 ME-IXXXX: [1416] An attempt to send as mail from ventas@midominio.com occurred but the sender did not authenticate and the IP address (36.56.146.242) is not defined as a local or privileged IP address. To allow this request, add the IP address to the Privileged IPs list under the SMTP|Relay properties.
Line 118329: 03/14/19 11:41:50 ME-IXXXX: [1640] An attempt to send as mail from ventas@midominio.com occurred but the sender did not authenticate and the IP address (114.99.25.155) is not defined as a local or privileged IP address. To allow this request, add the IP address to the Privileged IPs list under the SMTP|Relay properties.
Line 118952: 03/14/19 11:44:40 ME-IXXXX: [1972] An attempt to send as mail from ventas@midominio.com occurred but the sender did not authenticate and the IP address (36.56.147.24) is not defined as a local or privileged IP address. To allow this request, add the IP address to the Privileged IPs list under the SMTP|Relay properties.

Line 119064: 03/14/19 11:45:12 ME-I0018: [877234F0D1EE481CBF26298E885DB6E3.MAI] Outbound message from ([SMTP:ventas@midominio.com]) requeued as [CC329AF269104031989109DFDAAA4F99.MAI] to the target domain [qq.com]
Line 119381: 03/14/19 11:46:47 ME-I0018: [CD5BC41578674BCDABE99C2A9215A09A.MAI] Outbound message from ([SMTP:ventas@midominio.com]) requeued as [30656B7A821746B9AF7CB5B345BA95E8.MAI] to the target domain [qq.com]
Line 119434: 03/14/19 11:46:58 ME-I0018: [4B7A922C2CF6499CBFD83E69DA29B6A9.MAI] Outbound message from ([SMTP:ventas@midominio.com]) requeued as [41D33E4A61ED403E8D294DEF4181DF30.MAI] to the target domain [qq.com]
Line 119484: 03/14/19 11:47:13 ME-I0018: [536D38084B50482A92D0EFC8CA316951.MAI] Outbound message from ([SMTP:ventas@midominio.com]) requeued as [11EB47427A074E35AF4A5891364E628F.MAI] to the target domain [qq.com]
Line 119499: 03/14/19 11:47:14 ME-I0018: [551B6900C2484B8BABF577CDFFF38B44.MAI] Outbound message from ([SMTP:ventas@midominio.com]) requeued as [2083A1E1F3404A8B83084F69B22993F8.MAI] to the target domain [qq.com]




I do not understand why all of a sudden I stop validating correctly, if you look at 11:44:40, I did not allow the exit correctly, and seconds later at 11:45:12 it allowed everything to come out.

cfdynamics
Posts: 154
Joined: Mon May 24, 2010 2:27 pm

Re: Sending of disabled accounts, nonexistent accounts and without FROM

Post by cfdynamics »

Another place to check would be the "Relay" tab under SMTP service. if the IP that is sending out the bogus email is in that list it is allowed to send ANY email unauthenticated.

Other than that I can't think of anything else we have not already covered that may be allowing the disabled accounts sending by the spoofer connection.

You would need to contact MailEnable support to find out of the relay to gmail is possibly overriding the authentication checks.
Kent Runyan
CFDynamics.com
Providing World Class Hosting Solutions for over two decades.

menteinfinita
Posts: 18
Joined: Fri Mar 01, 2019 4:03 pm

Re: Sending of disabled accounts, nonexistent accounts and without FROM

Post by menteinfinita »

This is the configuration of my Relay, do you see something strange? :? :(
Attachments
This is the configuration of my Relay, do you see something strange?
This is the configuration of my Relay, do you see something strange?
Captura.JPG (90.6 KiB) Viewed 8762 times

cfdynamics
Posts: 154
Joined: Mon May 24, 2010 2:27 pm

Re: Sending of disabled accounts, nonexistent accounts and without FROM

Post by cfdynamics »

You found it!! Right now you are allowing ALL computers to relay mail through your server. Change that to the Denied relay rights. Only add IPs that you want to be able to send mail without authentication.
Kent Runyan
CFDynamics.com
Providing World Class Hosting Solutions for over two decades.

Post Reply