how do i configure the mail server (CPanel/Exim) to not accept mail from unauthorize users? SMTP seems to be accept mail from anyone who knows the existence of this server... how do i make the server to request the user to login before the user can send mail through the mail server? thanks.
cpanel actually has a built in process that dovetails with Exim to prevent this, or should.....
"antirelayd" keeps unauthorized users from relaying through the smtp server in question- and adds authenticated pop3 users to the allowed relay hosts file. However, users can also authenticate to exim for relaying directly with a valid mailbox UID and password.
take a look at /scripts/fixrelayd and see if all is well to make sure your relaying protection is working.