|About 99% of all emails to us with this question end up being da-popb4smtp causing confusion, and not an open relay. What da-popb4smtp does is adds your own IP to the /etc/virtual/pophosts for 30 minutes file after you've authenticated with pop or imap. Any IP in this file can send emails freely without smtp authentication, but since you've already authenticated with pop, you're a valid user anyway, so it's not an issue.|
You can check if you have an open relay at unlocktheinbox.com/openrelaytest/.
You should almost never have any domains listed in the /etc/virtual/whitelist_domains file as any email with any from address as any domain in that file can relay through your server. Use it as a last resort only. Be especially careful to NOT have commonly forged domains, such as hotmail, gmail, etc., in that file.
|How to update your exim.conf|
|How to limit the number of emails sent by each user (prevent spammer)|
|My server is sending spam. What do I do?|
|I need to count how many smtp-auth sends were done by a particular login or IP|
© 2018 JBMC Software, Suite 173 3-11 Bellerose Drive, St Albert, AB T8N 1P7 Canada. Mon-Fri 9AM-5PM MST