SMTP Failures (smtpauth) -dovecot_plain authenticator failed

HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

SMTP Failures (smtpauth) -dovecot_plain authenticator failed

Post by HappymanUK »

Recently I have been receiving hundreds of e-mails per day for failed SMTP authentications.

These are from many countries including Serbia, Russia, Taiwan, Vietnam, Libya and many more.

The site is running cPanel and the sites on the server send out e-mail, but any mail clients are set to send out e-mails via our own ISP (rather than via the server).

Is there a way to block access to any remote connections trying to send e-mail out using the server this way ?

I'm concerned about the number of attempts being received.

Any comments/advise appreciated.

Thanks
Daniel
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by ForumAdmin »

You could use the new option: SMTPAUTH_RESTRICT. It is explained in csf.conf and the csf readme.txt and allows you to restrict access to SMTP AUTH.
HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by HappymanUK »

Thanks for your reply. That is great news.

Just to confirm - This won't affect anything other than people trying to send e-mails via SMTP through the server - ie, won't affect server pages/applications sending out e-mails, and other incoming/outgoing e-mails.
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by ForumAdmin »

It should not affect anything else. It simply prevents exim from advertising SMTP AUTH as a login mechanism to external access. If it doesn't advertise it, it cannot be used to authenticate.
HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by HappymanUK »

I'm about to make these changes on a server that used to have cpanel, but it expired - and I am no longer using cpanel.

I'm trying to follow the instructions and it refers to editing the exim.conf.local or 'active exim.conf' file.

How can I tell which one is active ? - As I cannot find exim.conf.local but the following:

/etc/exim.conf
/etc/exim.conf.dist
/etc/exim.conf.localopts
/etc/exim.conf.mailman2.dist
/etc/exim.conf.mailman2.exiscan.dist
/usr/local/cpanel/bin/admin/Cpanel/exim.conf
/usr/local/cpanel/etc/exim/distconfig/exim.conf.dist

If it is the /etc/exim.conf file, I'm not sure where to add the line, as it says 'to an @CONFIG@ section' ??

Thanks in advance,

Daniel
HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by HappymanUK »

Any ideas ? - This has got me a bit confused..

Thanks in advance,

Daniel
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by ForumAdmin »

You would need to add it to the top of /etc/exim.conf and then restart exim.
HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by HappymanUK »

Thanks very much - I will give that a try.
HappymanUK
Junior Member
Posts: 44
Joined: 06 Jan 2007, 16:46

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by HappymanUK »

Thanks - That was easy.

So in my circumstances that is all I needed to do ?
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa

Post by ForumAdmin »

Yes. On a licensed cPanel server you have to go through the extra hoops because updating exim in WHM overwrites the /etc/exim.conf configuration file.
Post Reply