hostname and RDNS administrative emails

Discussion in 'Server Operation' started by topogigio, Dec 13, 2022.

  1. topogigio

    topogigio Member

    I've have a strange problems with administrative emails generated by ISPConfig.

    For example the "mailbox quota notification" email is always detected as SPAM, and I noticed that it has something strange.

    First of all, I have Websites on a server named "r100" and email service on a server named "r101". Then I have a testing Web server name r200 and a testing email service named "r201". The testing servers haven't any service, I have only internal environments.
    The mailbox quota notifications (related to mailboxes located on "r101") seems generated by "r200" and I cannot explain this:
    Received: from r200 :):ffff:XX.XX.XX.XX [::ffff:XX.XX.XX.XX]) by <RECEIVERSERVERNAME> with SMTP; Tue, 06 Dec 2022 23:00:25 -0000

    Message-ID: <rmhrwo.ibz0sj@r200>

    where XX.XX.XX.XX is the public IP of r200

    And I cannot find why, nor I cannot find how to fix the hostname used in the HELO: it uses "r200" and not ""

    Email sender's name is the one I assigned in system config -> main config -> Mail. Also <RECEIVERSERVERNAME> is the smtp relay server defined in the same page.

    RSPAMD, receiving the mail, reports:

    BAYES_SPAM (5.002364) [99.75%]
    SUBJ_EXCESS_BASE64 (1.5)
    R_SPF_FAIL (1) [-all]
    RDNS_NONE (1)
    MID_RHS_NOT_FQDN (0.5)
    MIME_GOOD (-0.1) [text/plain]
    Also MS antispam marks them as spam.

    Any idea? Any way to NOT encode base64 the email subject?

    ISPConfig is 3.2.8p2 running on Debian Bullseye

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The easiest way to solve your issue would probably to add your own server to the spamfilter whitelist. or you would have to go trough the code and change it where necessary for your system.
  3. topogigio

    topogigio Member

    I tried to explore this before to write, but how can I do? Email -> spamfilter -> whitelist, then how can I whitelist for all my sender?
    I think I've understood why the emails are received from r200: it is the server with ispconfig panel installed. The bug I think is that it is presenting itself as "r200" and not "r200.domain.tld"
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The main reason why the emails are filtered out is that the self-learning Bayes filter in your Rspamd installation flags them as spam. And as I mentioned above, look at the code to see where it pulls the hostname to see why it is not the fqdn. Possibilities are that the short hostname is used under system > server config or maybe the hostname of the system is not set up correctly.
  5. topogigio

    topogigio Member

    system > server config has the right value of r200.domain.tld
    however I found a wrong system hostname, only r200 was there. I fixed it with and will check next emails..
    ahrasis likes this.

Share This Page