Greetings. - I have a The Perfect Server-Debian-Apache, it works fine for months. - On this server I have five email accounts. - I have not changed any settings. - I actively use only one account without problems. - But another one that I don't use, a lot of spam emails have been arriving for a week. - In the ISPconfig, in Spam Filter I have tested with "Normal" and "Non-Paying" without success. - Has anyone had the same problem these days? Expand: sudo systemctl status clamav-daemon.service ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: active (running) since Sun 2020-10-11 00:22:10 CST; 2 days ago Docs: man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ Process: 420 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=0/SUCCESS) Process: 480 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS) Main PID: 494 (clamd) Tasks: 2 (limit: 1167) Memory: 10.8M CGroup: /system.slice/clamav-daemon.service └─494 /usr/sbin/clamd --foreground=true Oct 13 09:00:02 mail clamd[494]: Tue Oct 13 09:00:02 2020 -> SelfCheck: Database status OK. Oct 13 09:23:58 mail clamd[494]: Tue Oct 13 09:23:58 2020 -> Reading databases from /var/lib/cl Oct 13 09:25:07 mail clamd[494]: Tue Oct 13 09:25:07 2020 -> Database correctly reloaded (89235 Oct 13 11:00:03 mail clamd[494]: Tue Oct 13 11:00:03 2020 -> SelfCheck: Database status OK. Oct 13 13:00:01 mail clamd[494]: Tue Oct 13 13:00:01 2020 -> SelfCheck: Database status OK. Oct 13 14:00:01 mail clamd[494]: Tue Oct 13 14:00:01 2020 -> SelfCheck: Database status OK. Oct 13 15:00:02 mail clamd[494]: Tue Oct 13 15:00:02 2020 -> SelfCheck: Database status OK. Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailab Expand: sudo systemctl status spamassassin ● spamassassin.service - Perl-based spam filter using text analysis Loaded: loaded (/lib/systemd/system/spamassassin.service; disabled; vendor preset: enabled) Active: inactive (dead) Oct 13 16:42:56 mail systemd[1]: /lib/systemd/system/spamassassin.service:6: PIDFile= reference Thanks
It is strange if an e-mail address does not receive spam. If address is published somewhere, has sent e-mail to someone with malware on workstation that collects e-mail addresses or is just guessed by spammer it receives spam. I switched from amavis to rspamd, that in my opinion is better, or at least I hope I can configure it better so most spam is repelled. Most spam is rejected by postfix on my host. I have set it up to check server has PTR record and is also otherwise properly configred, and is not in any of the black lists I use. Result: Code: Postfix log summaries for Oct 13 Grand Totals ------------ messages 386 received 264 delivered 0 forwarded 4 deferred (44 deferrals) 2 bounced 1504 rejected (85%) 0 reject warnings 0 held 0 discarded (0%) So 85% of arriving e-mail is thrown away and not given to rspamd (or amavis) to scan. Of the remaining 386 e-mails. 264 are deliverd to recipient mailbox, the rest is marked as spam, probably.
If its a general address like info@ it is frequently guessed by spammers. I see a lot of spam is detected, just not moved to the junk folder. You can enable move to junk for that account so the mails won't be in your inbox anymore.
So I do not understand what happens, the email account has not been used anywhere. I started getting a lot of spam since last week. It is also not an easy account to guess as it is [email protected]. I'm going to do more research and try rspamd. Thanks for the info
Spammers try email addresses, like start with [email protected], [email protected], ... then [email protected], [email protected] ... [email protected], [email protected]. Eventually they hit [email protected]. I once had an e-mail address that I never used anywhere. In that case it took almost full year before first spam arrived. So do not worry why spam arrives, there is nothing you can do. Examine how you can reject that spam or automatically move it to Junk folder. Or delete that mailbox, if it is never used anyway.
Now I understand Taleman, it is curious that they did not send to info@ mail@ or admin@ but to home2 @ It is true that I have had little spam on the main account I use most, but it is always rejected or marked as spam and never was that much. I will look for a solution on how to reject with postfix and I will look for why most of the spam is not marked as such. Or I will delete the account. Thank you very much for the information.