Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - umtu06

Pages: [1] 2
1
Postfix / Re: postfix only allow PDF attachments
« on: September 25, 2024, 06:28:31 AM »
Thanks for the answer. Instead of specifying the prohibited file extensions one by one, I would like to block all files except PDF.  8) Is it possible?

2
Postfix / postfix only allow PDF attachments
« on: September 24, 2024, 11:48:34 AM »
Hello. I made the following settings but why is it blocking all attachments?
Why does it block all files including PDF?

main.cfg file content :
header_checks = pcre:/etc/postfix/header_checks

header_checks file content :

#(this working)
/^Subject:.*expires.*$/i DISCARD   


# only allow .pdf but blocking all attachments?  pdf file also blocked.
/^Content-Disposition:.*filename=.*\.pdf$/ OK
/^Content-Disposition:.*filename=.*$/ REJECT

Thanks in advance.

3
DNS / Re: Strange DNS Zone Template applied
« on: April 04, 2024, 12:06:09 PM »
I learned the location of the /usr/local/cwpsrv/htdocs/resources/conf/dns/bind/zones/default.tpl file from you. I was looking for this. Thanks a lot. I don't know if this is the answer you are looking for, but the name of my file is default.tpl, not custom.tpl. Try creating default.tpl in this folder.

4
E-Mail / How to use only e-mail in CWP7?
« on: January 06, 2024, 07:08:19 PM »
The website is running on another server. Is it possible to host only emails in cwp7? I will direct the mx settings from the domain company to cwp7. (like mx.***.com -> 123.123.123.123) So what should I do in CWP7? Thank you in advance for your guidance.

5
E-Mail / Re: There is a CWP server vulnerability. Please help me.
« on: August 09, 2023, 06:13:12 AM »
Thank you Starburst and overseer. If the php mail function is left on, mail can be sent from non-existent mailboxes. very logical. I edited the php.ini file as follows.

PHP.INI

[mail function]
; For Win32 only.
SMTP = localhost
smtp_port = 25

When I delete them, sending mail via php will stop. Of course after reboot. In addition, PhpMailer script is necessary because it can send via smtp in website contact forms. I hope this method prevents mass spam output from accounts not on my server.

6
Thank you very much for these advanced settings. It will greatly relieve the incoming mailbox.

7
E-Mail / Re: There is a CWP server vulnerability. Please help me.
« on: August 07, 2023, 06:13:35 PM »
My mail server looks like a caravanserai. :-[

Aug 7 20:49:08 ns85 cbpolicyd[20875]: module=Quotas, mode=update, host=35.190.144.99, helo=ytvzrldycp, from=erkakxnzbd@yahoo.com, to=dsfhgsdfsds@outlook.com, reason=quota_update, policy=9, quota=6, limit=7, track=Sender:@yahoo.com, counter=MessageCount, quota=1.00/50 (2.0%)

8
thank you for the answer. I don't have the "permit" part in the last line of the "smtpd_sender_restrictions" section. should i add? what does it do?

Code: [Select]
smtpd_sender_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    check_sender_access hash:/etc/postfix/sender_access,
    reject_unknown_sender_domain,
    warn_if_reject,
    reject_unverified_sender

smtpd_recipient_restrictions =
check_policy_service inet:127.0.0.1:10031,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net

9
Thank you for the answer. SPF, DKIM and DMARC are all active. also CSF and LFD firewall are up to date. However, the infiltration continues.

10
Yes. When I look at the mail logo, non-existent mails on my server are constantly sending mail.
mail log:

cbpolicyd[3094]: module=Quotas, action=defer, host=185.208.23.255, helo=255.23.208.185.dynamic.electronicamartinez.es, from=ferdinand@he.com, to=ferdinand@he.com, reason=quota_match, policy=9, quota=6, limit=7, track=Sender:@he.com, counter=MessageCount, quota=51.66/50 (103.3%)

11
Postfix / Re: Postfix whitelist problem
« on: August 05, 2023, 05:43:07 AM »
did you find a solution? üstat çözüm bulabildin mi?

12
E-Mail / Re: There is a CWP server vulnerability. Please help me.
« on: August 04, 2023, 10:44:46 AM »
Thank you for your useful suggestions.
I am using firewall. I also add manual thread but there are many different threads. impossible to reach.
I entered the lines you wrote aggressively to the Main conf settings.
But the bombardment continues.
The interesting thing is that he sends the mail inside, not outside.
How do I restrict the domain from sending mail to itself?

13
How to prevent sending e-mails from non-existent e-mail addresses? In other words, how should the sender's e-mail address be verified on the server before sending an e-mail, and then how should be followed to send it?

14
E-Mail / Re: There is a CWP server vulnerability. Please help me.
« on: August 03, 2023, 09:13:42 PM »
Please help me.

from=ferdinand@khe.com, to=ferdinand@khe.com,

They attacked my server again today. The domain khe.com exists, but the mails are not available. It keeps the server busy. What is your recommendation?

Mail Log:
Aug 3 21:32:42 ns85 cbpolicyd[3094]: module=Quotas, action=defer, host=185.208.23.255, helo=255.23.208.185.dynamic.electronicamartinez.es, from=ferdinand@khe.com, to=ferdinand@khe.com, reason=quota_match, policy=9, quota=6, limit=7, track=Sender:@khe.com, counter=MessageCount, quota=51.66/50 (103.3%)

VER: CWP version: 0.9.8.1164


15
E-Mail / There is a CWP server vulnerability. Please help me.
« on: January 19, 2023, 10:53:52 AM »
Mail is being sent from my domain name against my request on my CWP server.HELP

Please help URGENTLY.
Log records as follows:
helo=87-207-170-128.dynamic.chello.pl, from=qdzftt632@xxx.com.tr, to=qdzftt632@xxx.com.tr,

The domain mentioned here is mine, but I do not have such mails. Spam is constantly being sent.

_dmarc   14400   IN   TXT   "v=DMARC1; p=reject"
@   14400   IN   TXT   "v=spf1 +a +mx +ip4:xxxxxxx ip4:xxxxxxx -all"

also it is not possible for them to steal any password from me.

Pages: [1] 2