Is the SMTP safe?

Discussion in 'Installation/Configuration' started by Kira, Sep 29, 2011.

  1. Kira

    Kira Member


    I just found out I can connect to my SMTP Server via pythons smtplib without the need to login and send mails to whatever address with a random 'from'-address.

    I did some relay tests online and they all say it's relay safe.. but... is it a correct behaviour?

    As an example:

    smpt = smptllib.SMTP('')
    smpt.sendmail('[email protected]', '[email protected]', '....;)
    This works, and I am doing this from remote, not locally on my Server.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, thats the correct behaviour.

    There are 3 possibilitys where every mailserver ahs to accept emails:

    1) The email is from localhost
    2) The email is sent from a server that we allow to relay. See mynetworks setting in
    3) The recipient domain is a local domain of this server.
  3. Kira

    Kira Member


    thanks for your answer.

    I did the test above from my machine at work.
    None of the 3 points you mentioned match this machine - I think.

    So is this realy correct?

  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Use this test to find out if your machine relays:

    Leave the email field empty or use a external address like gmail.

    If you followed the perfect setup guide to install your server, then it is no open relay.
  5. Kira

    Kira Member

    Okay, seems to be safe.. :)
    Though I don't understand why I can do what I described above..

    Thanks a lot,

Share This Page