Hello. I'm using PMG as a mail proxy for my Exchange mailserver.
Yesterday I noticed that it's possible to send mails anonymously from the domains listed in my relay domains, to any other domain listed in my relay domains. I tested from an unrelated external network, and i was able to send emails from my relay using a simple SMTP tester, but only from and to mydomains.tld.
I was convinced that only IPs listed in the networks tab were allowed to send FROM the relay.
Luckily this hasn't been abused yet except from 1 single phishing mail that made me aware of the issue (so thanks spammer).
How do i prevent any other network to send from the relay, except from those listed in trusted networks - regardless of the sender and receiver domain?
I hope my question makes sense.
I've posted some screenshots of my configuration.
Thanks in advance.
Yesterday I noticed that it's possible to send mails anonymously from the domains listed in my relay domains, to any other domain listed in my relay domains. I tested from an unrelated external network, and i was able to send emails from my relay using a simple SMTP tester, but only from and to mydomains.tld.
I was convinced that only IPs listed in the networks tab were allowed to send FROM the relay.
Luckily this hasn't been abused yet except from 1 single phishing mail that made me aware of the issue (so thanks spammer).
How do i prevent any other network to send from the relay, except from those listed in trusted networks - regardless of the sender and receiver domain?
I hope my question makes sense.
I've posted some screenshots of my configuration.
Thanks in advance.