mailserver on ispconfig questions

Discussion in 'Installation/Configuration' started by iceget, May 22, 2014.

  1. iceget

    iceget Member

    dear community,

    i have 3000 Mailboxes on my ispconfig mailserver. now i get on a spamlist. can i find out which user Spams of the Server?

    i looked on the logfiles; there are many unknown (not created) mailboxes like [email protected];

    my questions:

    1. how i can Setup that the mailserver only sends emails with the associated user?
    2. how i can Setup that a user can only sends Maximum 100 emails in 15 minutes and otherwise lock the user?

    many greets
     
  2. iceget

    iceget Member

    can anybody help me?

    a user (i think Outlook Client) Spams out from the Server with [email protected].

    if i open with postcat the mail, i see the correct authenticated send (which is the correct user).

    but how it can be that a user can Spams over the serverdomain?

    please help thanks

    how i can Auto block users they send from any other e-mailadresses as they have?
     
    Last edited: Jun 3, 2014
  3. srijan

    srijan New Member HowtoForge Supporter

    Refer the thread
    1
    2
     
  4. iceget

    iceget Member

    Hello,

    thanks for your reply, but that is no solution for me :(

    i only has an mailserver (no webserver is there active).

    no maleware was found on the machine (i have already scanned for maleware).

    what i shall do?

    thanks
     
  5. srijan

    srijan New Member HowtoForge Supporter

    Deploy fail2ban to stop spamming.
    Use link
     
  6. iceget

    iceget Member

    hello,

    thanks for your answer.

    but my Problem is; the user spams not in realtime (random)).

    does it work anyway?

    i have added the file Screen.jpg

    many thanks!!
     

    Attached Files:

  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Then either someone got the login details of the account over a unencrypted connection or the computer of the user has been hacked. In any case, you will have to change the password of the account to stop the spam.

    The user may use any sender address, after authentication.
     
  8. iceget

    iceget Member

    Hello Till,

    thanks for your reply.

    can i configure postfix that only the one and only email address can be used for outgoing delivery?

    currently the auth. spammer can use any email address...

    thanks

     
  9. iceget

    iceget Member

    hey,

    can i detect if any authenticated user try sends a mail from another email address so that i can do an Action before we are on a blacklist?
    so i mean the postfix option reject_sender_login_mismatch?


    i have added reject_sender_login_mismatch to smtpd_sender_restrictions (before check_sender_access) but if i restart postfix, i get this error with each user...

    Jun 3 14:34:27 mail01 postfix/smtpd[29615]: NOQUEUE: reject: RCPT from ***: 553 5.7.1 <[email protected]>: Sender address rejected: not owned by user USER@domain; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<ul.raving.at>


     
    Last edited: Jun 3, 2014
  10. iceget

    iceget Member

    So i have added the function without any Problems (http://bugtracker.ispconfig.org/index.php?do=details&task_id=3161)

    now nobody can send emails with another E-Mail address.

    but i have one Problem; if i Forward e-mails from an external (like Exchange online from Microsoft) Mailbox like [email protected] to an in ispconfig created Mailbox like to [email protected] i get the following error back:

    [email protected]
    mail01.server.com
    Remote Server returned '553 5.7.1 <[email protected]>: Sender address rejected: not logged in'

    can anybody help me?

    thanks

     

Share This Page