how do i configure the mail server (CPanel/Exim) to not accept mail from unauthorize users? SMTP seems to be accept mail from anyone who knows the existence of this server... how do i make the server to request the user to login before the user can send mail through the mail server? thanks.

http://www.exim.org/exim-html-3.20/doc/html/oview.html

Check the relaying,smtp and verification sections.

cpanel actually has a built in process that dovetails with Exim to prevent this, or should.....
"antirelayd" keeps unauthorized users from relaying through the smtp server in question- and adds authenticated pop3 users to the allowed relay hosts file. However, users can also authenticate to exim for relaying directly with a valid mailbox UID and password.

take a look at /scripts/fixrelayd and see if all is well to make sure your relaying protection is working.

add this line to your /etc/exim.conf file

auth_hosts = *


make sure you add that line before the host_accept_relay line

restart exim(mailserver) from WHM

now, all the mails sent using your server's smtp will need to authrize first with user/pass and it will allow only those users whose email address exists on local server.

Thanks