Question

Secure Exim server

How can i configure my exim4 server to keep it protected?

Today we noticed some emails sended through in, but this server dont is used to send emails, just to read.

Is possible someone used telnet to send emails, i need use DigitalOcean Firewall to block something?

This is the log of an email sent:

2018-04-17 14:56:34 1f8UqH-00063i-4z <= internal-email@subdomain.mydomain.com H=(CUSTOMER-ISP) [CUSTOMER-IP] P=esmtp S=4189 id=002101d3d65c$01730410$11fc68a8$@subdomain.mydomain.com
Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Blocking the SMTP port in your firewall may cause issues when receiving mail from other servers. Instead you will want to ensure that exim is not configured to relay mail.

This thread includes details on the configuration changes recommended to resolve this.

I tested the server with MXToolBox (https://mxtoolbox.com/diagnostic.aspx) and the result has been “550 relay not permitted [644 ms]”.

In this case, i think the problem can be another thing.