I have been having issues with spam on my mail server. I tested the server at abuse.net and test 6 fails with the following result:
Relay test 6
<<< 250 Reset OK
>>> MAIL FROM:<[email protected]>
<<< 250 OK
>>> RCPT TO:<[email protected]>
<<< 250 Accepted
<<< 354 Enter message, ending with "." on a line by itself
>>> (message body)
<<< 250 OK id=1MGLZF-0002Jz-IZ
I have been trying for hours to close this hole with no success. I am running the server using cPanel/WHM, which supposedly closes open relay by default. I have tried tweaking the settings, but still no luck.
Any help would be greatly appreciated!
(Server is running CentOS, cPanel/WHM, and is using Exim)
It seems like it is accepting the mail because of the "%" in the to field.
Update: It looks like the mail is being forwarded due to something known as the "percent hack", where the address is specified as "[email protected]". This results in mail being sent to "[email protected]" via "domainA.com". The issue is that "domainA.com" is a whitelisted domain and is therefore ignored by Exim. "percent_hack_domains" in Exim is not enabled, though.
"Sender address uses local hostname and recipient uses percent hack
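The percent-hack rewriting described in the update, as an added example that is not part of the original post and is not Exim or cPanel code: it models how `user%final@via` resolves to `user@final`, and a recipient check that refuses routing characters in local parts. The function names, status strings and `.example` domains are constructed for illustration.

```python
# Added example: model percent-hack rewriting and a recipient check that blocks it.
# All names, status strings and addresses below are constructed, not from the post.

RESTRICTED = set("%!@")  # routing characters that should not appear in a local part


def split_address(rcpt):
    """Split an RCPT TO argument at the LAST '@' into (local_part, domain)."""
    addr = rcpt.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not sep:
        raise ValueError(f"no domain in {rcpt!r}")
    return local, domain.lower()


def percent_hack_target(rcpt, hack_domains):
    """Rewrite user%final@via to user@final while 'via' is in hack_domains.

    The split is at the rightmost '%'. Returns (final_address, domains_passed).
    """
    local, domain = split_address(rcpt)
    passed = []
    while domain in hack_domains and "%" in local:
        passed.append(domain)
        local, _, domain = local.rpartition("%")
        domain = domain.lower()
    return f"{local}@{domain}", passed


def check_rcpt(rcpt, local_domains, hack_domains=frozenset()):
    """Classify one recipient offered by an unauthenticated client."""
    local, domain = split_address(rcpt)
    final, passed = percent_hack_target(rcpt, hack_domains)
    if passed and split_address(final)[1] not in local_domains:
        return "percent-hack-relay"   # looked local, resolves to a remote domain
    if domain in local_domains and RESTRICTED & set(local):
        return "reject-restricted"    # refuse routing characters outright
    return "accept" if domain in local_domains else "not-local"


if __name__ == "__main__":
    local = {"domaina.example"}
    for rcpt in ("<user@domaina.example>",
                 "<victim%remote.example@domaina.example>",
                 "<user@remote.example>"):
        print(rcpt, check_rcpt(rcpt, local), check_rcpt(rcpt, local, hack_domains=local))
```

With the rewrite disabled, the percent-form address is still rejected for its local part, which is the outcome a relay test like the one above should see.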