How to deny open relay internal SMTP? - OPENEMM 2015 R3

Use this forum for questions regarding installation, upgrading and configuration of OpenEMM

Moderator: moderator

ikom
Posts: 1
Joined: Thu Apr 06, 2017 9:02 am

How to deny open relay internal SMTP? - OPENEMM 2015 R3

Post by ikom »

Hi guys,
I'm doing the setup of OPENEMM 2015 R3 following the official guide: OpenEMM-2015_InstallAdminGuide_1.3.2.pdf
I've noticed an issue related to the internal smtp, when I test it for the open relay on the major sites, it fails.
Trying to test it via telnet I get this behaviour:

Code: Select all

telnet myopenemm.com 25
Trying 0.0.0.0...
Connected to myopenemm.com.
Escape character is '^]'.
220 myopenemm.com Python SMTP proxy version 0.2
mail from:<jane@somewhere.com> 
250 Ok
rcpt to:<john@somewhere.com>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
bounce relay test
.
250 Ok
Actually the email it isn't sent to John, but Jane receive the bounce:

Code: Select all

Subject: Mail failed: 510 Unknown user john@mydomain.com
Mail failed due to 510:
Unknown user john@somewhere.com


The original message follows:
> Return-Path: <jane@mydomain.com>
> From: jane@mydomain.com
> X-AGNLoop: set
bounce relay test
This issue makes the internal smtp not usable in a production environment with 25 port open.
In the very few minutes that I spent to doing this test, I see in the mail log unexpected bounces to unknown email addresses (foreign connections).
There is a way to deny the relay at the RCPT TO: stage with the internal SMTP as other sendmail instances do? (550 5.7.1 <john@somewhere.com>... Relaying denied)

I tried to search in the forum similar topic but I only found this: http://openemm.agnitas.de/installation- ... c1312.html
It's similar to my question but there is no solution at openemm software level and it not consider the bounce that is actually sent.

Any thoughts and suggestions to resolve this issue are kindly appreciated, thank you.

Cheers
Massimo