How to verify that the server is not acting as an open relay on Plesk?

Question

Everyone can send mail from the server without authorization.

How to stop it?

Answer

If you find that your server is acting as an open relay, please check the following:

1. Log into Plesk

2. Go to Tools & Settings > Mail Server Settings and check the relaying setting in the server-wide mail preferences:

   It should be set as authorization is required.

3. On the same page check the white list and make sure that there are no unwanted IPs/networks.

   By default, the list should contain only
127.0.0.1/8
or
127.0.0.1/32
or
::1/128.

   This record means that authorization is required for all IPs except
127.0.0.1
and
::1/128.

   That allows mail to be sent via Webmail.

Additional information

To check if the server is really acting as an open relay, connect to the server via SSH or RDP try to connect to it from another server and send a message to an external email address:

# telnet <YOUR_SERVER_IP> 25
Trying <YOUR_SERVER_IP>...
Connected to <YOUR_SERVER_IP>.
Escape character is '^]'.
220 hostname ESMTP Postfix
mail from: john.doe@example.com
250 2.1.0 Ok
rcpt to: john.doe@example2.com
554 5.7.1 <john.doe@example2.com>: Relay access denied

If you see an output similar to the one shown above, your server is not an open relay. Otherwise, if you see a reply like
250 2.1.5 Ok, then the server, indeed, is acting as an open relay.

Note: When sending messages to an email address hosted on the same server authorization is usually not required, and such behavior is not considered as an open relay. The same applies to send messages locally from the server.