Page 1 of 2
SMTP Failures (smtpauth) -dovecot_plain authenticator failed
Posted: 21 May 2014, 11:54
by HappymanUK
Recently I have been receiving hundreds of e-mails per day for failed SMTP authentications.
These are from many countries including Serbia, Russia, Taiwan, Vietnam, Libya and many more.
The site is running cPanel and the sites on the server send out e-mail, but any mail clients are set to send out e-mails via our own ISP (rather than via the server).
Is there a way to block access to any remote connections trying to send e-mail out using the server this way ?
I'm concerned about the number of attempts being received.
Any comments/advise appreciated.
Thanks
Daniel
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 21 May 2014, 16:57
by ForumAdmin
You could use the new option: SMTPAUTH_RESTRICT. It is explained in csf.conf and the csf readme.txt and allows you to restrict access to SMTP AUTH.
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 21 May 2014, 17:19
by HappymanUK
Thanks for your reply. That is great news.
Just to confirm - This won't affect anything other than people trying to send e-mails via SMTP through the server - ie, won't affect server pages/applications sending out e-mails, and other incoming/outgoing e-mails.
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 21 May 2014, 17:21
by ForumAdmin
It should not affect anything else. It simply prevents exim from advertising SMTP AUTH as a login mechanism to external access. If it doesn't advertise it, it cannot be used to authenticate.
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 09 Jun 2014, 18:34
by HappymanUK
I'm about to make these changes on a server that used to have cpanel, but it expired - and I am no longer using cpanel.
I'm trying to follow the instructions and it refers to editing the exim.conf.local or 'active exim.conf' file.
How can I tell which one is active ? - As I cannot find exim.conf.local but the following:
/etc/exim.conf
/etc/exim.conf.dist
/etc/exim.conf.localopts
/etc/exim.conf.mailman2.dist
/etc/exim.conf.mailman2.exiscan.dist
/usr/local/cpanel/bin/admin/Cpanel/exim.conf
/usr/local/cpanel/etc/exim/distconfig/exim.conf.dist
If it is the /etc/exim.conf file, I'm not sure where to add the line, as it says 'to an @CONFIG@ section' ??
Thanks in advance,
Daniel
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 11 Jun 2014, 16:17
by HappymanUK
Any ideas ? - This has got me a bit confused..
Thanks in advance,
Daniel
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 11 Jun 2014, 17:23
by ForumAdmin
You would need to add it to the top of /etc/exim.conf and then restart exim.
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 11 Jun 2014, 17:30
by HappymanUK
Thanks very much - I will give that a try.
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 11 Jun 2014, 17:51
by HappymanUK
Thanks - That was easy.
So in my circumstances that is all I needed to do ?
Re: SMTP Failures (smtpauth) -dovecot_plain authenticator fa
Posted: 11 Jun 2014, 18:00
by ForumAdmin
Yes. On a licensed cPanel server you have to go through the extra hoops because updating exim in WHM overwrites the /etc/exim.conf configuration file.