Control Web Panel
WebPanel => E-Mail => Topic started by: crmgddn63 on March 06, 2016, 01:30:52 PM
-
Hello, how can i test email server security ? and what can i more security for email server ?
thank you.
-
Hello, how can i test email server security ? and what can i more security for email server ?
thank you.
Install spamhaus with csf enabled
-
Hello, how can i test email server security ? and what can i more security for email server ?
thank you.
Install CSF, and configure to catch smtp/pop/sshd brute forces..
And dont forget to limit client sending email per minutes
-
Thank you jae. it's Worked. ;) i use csf without spamhous ? is a required rellay ?
-
i can not stop this is. how can i do that ? try to every secont only one domain on cwp.
Mar 25 00:56:28 cwp postfix/smtpd[1662]: setting up TLS connection from mail.vosmoa.cz[89.239.8.138]
Mar 25 00:56:28 cwp postfix/smtpd[1662]: Anonymous TLS connection established from mail.vosmoa.cz[89.239.8.138]: TLSv1 with cipher AES256-SHA (256/256 bits)
Mar 25 00:56:28 cwp postfix/smtpd[3810]: setting up TLS connection from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]
Mar 25 00:56:29 cwp policyd-spf[4182]: None; identity=helo; client-ip=89.239.8.138; helo=mail.vosmoa.cz; envelope-from=<>; receiver=fordkimberley2679@parkeddomain.com
Mar 25 00:56:29 cwp postfix/smtpd[1662]: NOQUEUE: reject: RCPT from mail.vosmoa.cz[89.239.8.138]: 450 4.1.1 <FordKimberley2679@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<FordKimberley2679@parkeddomain.com> proto=ESMTP helo=<mail.vosmoa.cz>
Mar 25 00:56:29 cwp postfix/smtpd[3810]: Anonymous TLS connection established from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]: TLSv1 with cipher AES128-SHA (128/128 bits)
Mar 25 00:56:29 cwp postfix/smtpd[1662]: disconnect from mail.vosmoa.cz[89.239.8.138]
Mar 25 00:56:29 cwp policyd-spf[3812]: None; identity=helo; client-ip=72.38.66.174; helo=exchange.jbm.ca; envelope-from=<>; receiver=fields.shirley2159@parkeddomain.com
Mar 25 00:56:29 cwp postfix/smtpd[3810]: NOQUEUE: reject: RCPT from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]: 450 4.1.1 <Fields.Shirley2159@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Fields.Shirley2159@parkeddomain.com> proto=ESMTP helo=<exchange.jbm.ca>
Mar 25 00:56:30 cwp postfix/smtpd[3810]: disconnect from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]
Mar 25 00:57:18 cwp postfix/smtpd[3803]: connect from mail.zsblazkova.cz[217.66.160.139]
Mar 25 00:57:18 cwp postfix/smtpd[3803]: setting up TLS connection from mail.zsblazkova.cz[217.66.160.139]
Mar 25 00:57:19 cwp postfix/smtpd[3803]: Anonymous TLS connection established from mail.zsblazkova.cz[217.66.160.139]: TLSv1 with cipher AES256-SHA (256/256 bits)
Mar 25 00:57:19 cwp policyd-spf[3822]: None; identity=helo; client-ip=217.66.160.139; helo=mail.zsblazkova.cz; envelope-from=<>; receiver=baileyhaywood53066@parkeddomain.com
Mar 25 00:57:19 cwp postfix/smtpd[3803]: NOQUEUE: reject: RCPT from mail.zsblazkova.cz[217.66.160.139]: 450 4.1.1 <BaileyHaywood53066@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<BaileyHaywood53066@parkeddomain.com> proto=ESMTP helo=<mail.zsblazkova.cz>
Mar 25 00:57:19 cwp postfix/smtpd[3803]: disconnect from mail.zsblazkova.cz[217.66.160.139]
Mar 25 00:57:20 cwp postfix/smtpd[1662]: connect from mail.ndc.dk[77.68.238.147]
Mar 25 00:57:20 cwp postfix/smtpd[1662]: setting up TLS connection from mail.ndc.dk[77.68.238.147]
Mar 25 00:57:20 cwp postfix/smtpd[1662]: Anonymous TLS connection established from mail.ndc.dk[77.68.238.147]: TLSv1 with cipher AES256-SHA (256/256 bits)
Mar 25 00:57:21 cwp policyd-spf[4182]: None; identity=helo; client-ip=77.68.238.147; helo=mail.ndc.dk; envelope-from=<>; receiver=shorttisha15602@parkeddomain.com
Mar 25 00:57:21 cwp postfix/smtpd[1662]: NOQUEUE: reject: RCPT from mail.ndc.dk[77.68.238.147]: 450 4.1.1 <ShortTisha15602@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<ShortTisha15602@parkeddomain.com> proto=ESMTP helo=<mail.ndc.dk>
Mar 25 00:57:21 cwp postfix/smtpd[1662]: disconnect from mail.ndc.dk[77.68.238.147]
Mar 25 00:57:33 cwp postfix/smtpd[3803]: connect from mail.vosmoa.cz[89.239.8.138]
Mar 25 00:57:33 cwp postfix/smtpd[3803]: setting up TLS connection from mail.vosmoa.cz[89.239.8.138]
Mar 25 00:57:33 cwp postfix/smtpd[3810]: connect from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]
Mar 25 00:57:33 cwp postfix/smtpd[3803]: Anonymous TLS connection established from mail.vosmoa.cz[89.239.8.138]: TLSv1 with cipher AES256-SHA (256/256 bits)
Mar 25 00:57:33 cwp postfix/smtpd[3810]: setting up TLS connection from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]
Mar 25 00:57:34 cwp policyd-spf[3822]: None; identity=helo; client-ip=89.239.8.138; helo=mail.vosmoa.cz; envelope-from=<>; receiver=fordkimberley2679@parkeddomain.com
Mar 25 00:57:34 cwp postfix/smtpd[3803]: NOQUEUE: reject: RCPT from mail.vosmoa.cz[89.239.8.138]: 450 4.1.1 <FordKimberley2679@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<FordKimberley2679@parkeddomain.com> proto=ESMTP helo=<mail.vosmoa.cz>
Mar 25 00:57:34 cwp postfix/smtpd[3810]: Anonymous TLS connection established from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]: TLSv1 with cipher AES128-SHA (128/128 bits)
Mar 25 00:57:34 cwp postfix/smtpd[3803]: disconnect from mail.vosmoa.cz[89.239.8.138]
Mar 25 00:57:34 cwp policyd-spf[3812]: None; identity=helo; client-ip=72.38.66.174; helo=exchange.jbm.ca; envelope-from=<>; receiver=fields.shirley2159@parkeddomain.com
Mar 25 00:57:34 cwp postfix/smtpd[3810]: NOQUEUE: reject: RCPT from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]: 450 4.1.1 <Fields.Shirley2159@parkeddomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Fields.Shirley2159@parkeddomain.com> proto=ESMTP helo=<exchange.jbm.ca>
Mar 25 00:57:35 cwp postfix/smtpd[3810]: disconnect from s72-38-66-174.static.comm.cgocable.net[72.38.66.174]
-
i can not stop this is. how can i do that ? try to every secont only one domain on cwp.
you can put unwanted ip on /etc/csf/csf.deny , but not recomended ( i think), because you might will have a huge list.
Easiest way is using real time rbl checking, at least barracuda, spamcop, spamhouse and sorbs
-
you can put unwanted ip on /etc/csf/csf.deny , but not recomended ( i think), because you might will have a huge list.
Easiest way is using real time rbl checking, at least barracuda, spamcop, spamhouse and sorbs
I had set the following in main.cf but still lots of spam mail connection attempts.
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net,check_policy_service unix:private/spfpolicy
Any better idea to get this resolve?
-
you cant stop spamming but you can limit them
-
you cant stop spamming but you can limit them
Ya, you are right.
I had limited the spam on VPS by using the CSF custom regex & fail2ban.
You may refer to this http://forum.centos-webpanel.com/csf-firewall/csf-custom-regex-fail2ban-regex/.
-
Does anyone know how to implement the Spamhaus recommendations of wrapping the SMTP daemon and blocking direct-to-MX sending? https://www.spamhaus.org/news/article/718/stop-spammers-from-exploiting-your-webserver
Is this something CWP can help set up?
-
Installing Spamhaus is mandate in AntiSpam or we can leave Uninstall it ?