Disable SMTP-AUTH To Stop Relay Hackers In Their Tracks

Sometimes setting up a system to allow password authentication is less secure.

Ever notice activity like this on your SMTP-enabled Domino server?

SMTP Server: Authentication failed for user guest ; connecting host 46.137.108.26
SMTP Server: Authentication failed for user backup ; connecting host 46.137.108.26
etc.

Guess what…  In this case, I am not happy that ec2-46-137-108-26.eu-west-1.compute.amazonaws.com (Amazon Web Services, Ireland) thinks they need to relay SMTP through my Domino server.

If this hacker is able to guess a user login and password combo, they can relay whatever they want.

There is a quick fix that prevents these hacking attempts from ever succeeding at circumventing SMTP relay restrictions:

If you are NOT using Internet Site documents, set the following field(s) to “No” in the corresponding server’s Server Document:

2016-02-09_21-45-04

If you ARE using Internet Site documents, just change the following field(s) to “No”:

2016-02-09_21-49-56

Want more info? Read more here.

Happy hacker snubbing!

 

Advertisements