BCC all mail from specific domain

Discussion in 'Installation/Configuration' started by snowweb, Mar 15, 2022.

  1. snowweb

    snowweb Member

    I have a troublesome client which habitually opens unknown attachments, resulting their accounts being regularly compromised, resulting in those accounts being used to send large quantities of spam. By the time I notice, our server is already blacklisted which affects all clients.
    I'm thinking to bcc all mail from their domain to a dedicated mailbox, which I can keep an eye on and maybe I'll set some alerts on it to get my attention faster. If you have any better suggestions, I'll be pleased to hear them.
    I've followed the tutorial here, but it's more than 20 years old and I get the following message when I do it:
    Code:
    root@s1:/home/servant# postmap /etc/postfix/sender_bcc
    postmap: warning: /etc/postfix/main.cf, line 103: overriding earlier entry: sender_bcc_maps=proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
    I can't do it at the user level through ISPConfig, since they have a lot of users and it will take forever. Thanks for your help.

    ISPConfig ver. 3.1dev
    Ubuntu 18.04LTS
     
    Last edited: Mar 15, 2022
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Tip 1: update ISPConfig asap!! Complaining about a troublesome client that does stupid things but not having your software up-to-date is red flag #1...
    Tip 2: don't bcc all their email! that's a huge privacy nono.
    Tip 3: Use rate limiting in rspamd to limit the amount of emails send out.
     
    ahrasis likes this.
  3. snowweb

    snowweb Member

    Thanks Thom.
    The only reason we're using 3.1dev is because at the time we followed the perfect server tutorial (to the letter), the perfect server installation script chose and installed 3.1dev for us and we only found out later after all clients were migrated. We have since spent many hours trying to upgrade it, but apparently you can't do that from a dev release (which we would never have willingly installed if we had known it was going to be installed). The only option is a complete server migration again, which is only budgeted every 5 years.
    I'll look for information on rate-limiting using rspamd. Thanks.
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    snowweb likes this.
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Using the 3.1dev as the installation basis was perfectly fine as it is the stable release plus some security patches. Otherwise it would not have been the recommended installation procedure for years for ten thousands of servers. What @Th0m probably refers to is that you missed updating to a 3.2 release. And updating from 3.1dev is as easy as updating from any stable release, all you have to do is run a single command:

    ispconfig_update.sh

    That's all. And as long as you installed your system according to perfect server guides, there will be no issues at all.

    Why should one want to do that? My oldest continuously upgraded ISPConfig systems are now about 13 - 15 years old, no issues with upgrades at all. And they have been installed even from beta 3.0 versions. Maybe you should consider asking the ISPConfig business support from (Florian Schaal) or @Th0m, who is providing support as well, to do the update for you.
     

Share This Page