Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting,
please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
-
eliassal
- Normal user

- Posts: 221
- Joined: 2010-08-15 18:05
-
Contact:
Post
by eliassal » 2020-01-08 13:43
I have a question about the default configuration in the IP Ranges for internet
Lower 0.0.0.0 Upper 255.255.255.255
which I understand that any IP on earth can use this mail server.
Since I opened smtp and POP3 ports on the firewall, I started seeing the following log in hMailserver
"TCPIP" 156 "2020-01-07 12:18:47.254" "TCP - 45.148.10.151 connected to 192.168.10.34:25."
"DEBUG" 156 "2020-01-07 12:18:47.254" "Client connection from 45.148.10.151 was not accepted. Blocked either by IP range or by connection limit."
"DEBUG" 156 "2020-01-07 12:18:47.254" "Ending session 172"
"DEBUG" 156 "2020-01-07 12:18:47.347" "Creating session 174"
"TCPIP" 156 "2020-01-07 12:18:47.348" "TCP - 45.148.10.151 connected to 192.168.10.34:25."
Of course I right away blacklisted the IP in the firewall, my question is what made hMailserver refuse the connection and what measures should be implemented on my hMailServer? is it possible to have alerts when this thing happen again from other IPs?
-
eliassal
- Normal user

- Posts: 221
- Joined: 2010-08-15 18:05
-
Contact:
Post
by eliassal » 2020-01-08 14:16
subscribed to notification
-
palinka
- Senior user

- Posts: 2321
- Joined: 2017-09-12 17:57
Post
by palinka » 2020-01-08 16:24
It means the connection was rejected by autoban.
-
mattg
- Moderator

- Posts: 21184
- Joined: 2007-06-14 05:12
- Location: 'The Outback' Australia
Post
by mattg » 2020-01-08 16:42
Autoban is NOT turned on be default
Autoban is caused by multiple incorrect guesses at passwords
You could script to be notified, but seriously on my VERY locked down system, there is a new ip about 15 times per day
Welcome to the internet
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
-
eliassal
- Normal user

- Posts: 221
- Joined: 2010-08-15 18:05
-
Contact:
Post
by eliassal » 2020-01-08 17:03
Thanks no script available to use? if I should write 1, where it should located and its name?
-
mattg
- Moderator

- Posts: 21184
- Joined: 2007-06-14 05:12
- Location: 'The Outback' Australia
Post
by mattg » 2020-01-08 23:50
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
-
palinka
- Senior user

- Posts: 2321
- Joined: 2017-09-12 17:57
Post
by palinka » 2020-01-09 01:13
If you're using hmailserver 5.7, then you can use OnClientLogon to trigger failed logons (which trigger autobans).
Code: Select all
Function Lookup(strRegEx, strMatch) : Lookup = False
With CreateObject("VBScript.RegExp")
.Pattern = strRegEx
.Global = False
.MultiLine = True
.IgnoreCase = True
If .Test(strMatch) Then Lookup = True
End With
End Function
Function NotifyFailedLogon(xUserName, xIPAddress)
Dim oMessage
Set oMessage = CreateObject("hMailServer.Message")
oMessage.From = "Notifier <notify@mydomain.com>"
oMessage.FromAddress = "notify@mydomain.com"
oMessage.Subject = "Failed Logon"
oMessage.AddRecipient "My Name", "myname@mydomain.com"
oMessage.Body = "Failed Logon at for user " & xUserName & " from IP: " & xIPAddress
oMessage.Save
End Function
Sub OnClientLogon(oClient)
If oClient.Authenticated Then
' YAY!
Else
strRegEx = "@mydomain1.com|@mydomain2.com|@mydomain3.com"
If Lookup(strRegEx, oClient.Username) Then
Call SendSMS(SMSNumber, sMSG)
End If
Call NotifyFailedLogon(oClient.Username, oClient.IPAddress)
End if
End Sub
-
palinka
- Senior user

- Posts: 2321
- Joined: 2017-09-12 17:57
Post
by palinka » 2020-01-09 02:02
Oops... Remnants from my own OnClientLogon. Fixed here.
Code: Select all
Sub OnClientLogon(oClient)
If oClient.Authenticated Then
' YAY!
Else
Dim strRegEx : strRegEx = "@mydomain1.com|@mydomain2.com|@mydomain3.com"
If Lookup(strRegEx, oClient.Username) Then
Call NotifyFailedLogon(oClient.Username, oClient.IPAddress)
End If
End if
End Sub
Or....
Code: Select all
Sub OnClientLogon(oClient)
If NOT oClient.Authenticated Then
Dim strRegEx : strRegEx = "@mydomain1.com|@mydomain2.com|@mydomain3.com"
If Lookup(strRegEx, oClient.Username) Then
Call NotifyFailedLogon(oClient.Username, oClient.IPAddress)
End If
End if
End Sub