How can someone at Postfix send soap to me on my behalf without knowing the password?

K

kaddata2018-10-22 21:25:51

Email

kaddata, 2018-10-22 21:25:51

There is soap on Postfix and dovecot. Some people sometimes connect and send soap on my behalf to me - they extort bitcoins. They don't know the password for sure, they say that it is 123...8, while my password is complicated there.
What setting in Postfix is responsible for the possibility of such a connection and sending soaps? And how to ban it?
It seems that authentication costs what you need:

$ telnet mail.gatdarrri.com 25

    Trying 42.232.18.133...
    telnet: connect to address 42.232.18.133: Connection refused
    telnet: Unable to connect to remote host

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

D

Dmitry, 2018-10-22
@Tabletko

Check for open relay. Also look at the headers of incoming letters and from which server it came, perhaps they simply replace the Mail From header.

V

Vladimir Dubrovin, 2018-10-23
@z3apa3a

In classical email, there is no control over the displayed sender address (From), in fact, even the default SMTP envelope-from control in postfix is not. Therefore, anyone can write from any address. To prevent this from happening, use DMARC, postfix can use OpenDMARC.
To protect your own domain, you need to set up SPF and DMARC records + add a DKIM signature to all emails sent from your domain.

D

Dimonchik, 2018-10-22
@dimonchik2013

And how to ban it?

configure sending only by authentication

D

djhox, 2018-10-25
@djhox

So anyone can send email to any server from any name. It's all about the settings: you can create ptf, DMARC, etc. in order for the receiving server to either reject messages from a non-original server, or put them in spam.