Secure Exim server

April 17, 2018 561 views
Email Ubuntu 16.04

How can i configure my exim4 server to keep it protected?

Today we noticed some emails sended through in, but this server dont is used to send emails, just to read.

Is possible someone used telnet to send emails, i need use DigitalOcean Firewall to block something?

This is the log of an email sent:

2018-04-17 14:56:34 1f8UqH-00063i-4z <= internal-email@subdomain.mydomain.com H=(CUSTOMER-ISP) [CUSTOMER-IP] P=esmtp S=4189 id=002101d3d65c$01730410$11fc68a8$@subdomain.mydomain.com
2 Answers

Blocking the SMTP port in your firewall may cause issues when receiving mail from other servers. Instead you will want to ensure that exim is not configured to relay mail.

This thread includes details on the configuration changes recommended to resolve this.

I tested the server with MXToolBox (https://mxtoolbox.com/diagnostic.aspx) and the result has been "550 relay not permitted [644 ms]".

In this case, i think the problem can be another thing.

Have another answer? Share your knowledge.