Search found 18982 matches

by mattg
2018-11-12 09:21
Forum: Development & alpha discussions
Topic: TLSv1.2
Replies: 6
Views: 156

Re: TLSv1.2

Some more things I've learned - PHP 5.6 whilst supporting TLSv1.2 will not connect via TLSv1.2 without tricky modifications of ciphers (apparently - not got it working yet) - PHP 7.X does just fine, as long as you specifically ask to use TLS v1.2 in your code - ASP pages and applications build with ...
by mattg
2018-11-12 00:59
Forum: General discussions
Topic: Can't open more than two SMTP sessions from email client
Replies: 1
Views: 441

Re: Can't open more than two SMTP sessions from email client

run this and post the results >> http://www.hmailserver.com/forum/viewtopic.php?f=20&t=30914 On my server, I currently have 7 SMTP sessions open, while I personally am not sending and mail. I think you've modified some setting that has impacted on this... In saying that sending 10-20K emails in seve...
by mattg
2018-11-12 00:54
Forum: General discussions
Topic: SSL / TLS Encryption
Replies: 5
Views: 772

Re: SSL / TLS Encryption

Run this please and post the results >> http://www.hmailserver.com/forum/viewto ... 20&t=30914
by mattg
2018-11-11 03:56
Forum: General discussions
Topic: SSL / TLS Encryption
Replies: 5
Views: 772

Re: SSL / TLS Encryption

If it is a self signed cert, you will need to accept it in Thunderbird

Minimise the main Thunderbird window and look for a message window where you can accept the certificate
by mattg
2018-11-10 22:53
Forum: Feature requests
Topic: STARTTLS Everywhere! by EFF
Replies: 3
Views: 51

Re: STARTTLS Everywhere! by EFF

Nice to see they contribute to the spambots to make their job easier to find mail servers. Their ' how to use page ': The list is hosted  here , and the corresponding signature is here. ...goes on to fully list all domains (signed up) and mail servers belonging to them all wrapped up in a nice scan...
by mattg
2018-11-10 22:26
Forum: General discussions
Topic: PLC Network Setup
Replies: 3
Views: 815

Re: PLC Network Setup

Change the priority of the new IP range to 20

Higher number = higher priority


AND you still have require AUTH set for your new IP range
AND the BIND address in SMTP advanced settings, binds OUTGOING connections to that NIC, is that what you want?
by mattg
2018-11-10 05:40
Forum: Feature requests
Topic: STARTTLS Everywhere! by EFF
Replies: 3
Views: 51

Re: STARTTLS Everywhere! by EFF

Did you want to add some voting questions?

Is this likely to be added to SpamAssassis in the near future? That would work for most of us...
by mattg
2018-11-10 04:01
Forum: General discussions
Topic: PLC Network Setup
Replies: 3
Views: 815

Re: PLC Network Setup

Your IP ranges in hMailserver is the issue

Create a new ip range in hmailserver for the PLC network, and allow all connection without AUTH

If you are still having issues run this and post the results >> http://www.hmailserver.com/forum/viewto ... 20&t=30914
by mattg
2018-11-09 01:07
Forum: General discussions
Topic: Beginner Questions
Replies: 1
Views: 884

Re: Beginner Questions

Just install hMailserver Don't add any domains or accounts You only need SMTP, so you can turn off POP3 and IMAP Setup a SMTP Relayer to send all mail via your work mail server (ISP's mailserver) if you need to authenticate to send (and you probably will or your documents will be seen as SPAM) - try...
by mattg
2018-11-08 23:03
Forum: General discussions
Topic: Problems with TB or with hmailserver
Replies: 2
Views: 880

Re: Problems with TB or with hmailserver

In Thunderbird

Tools >> Account settings >> [Select each account] >>Synchronisation and storage >> UNCHECK 'Keep messages for this account on this computer'
by mattg
2018-11-08 10:40
Forum: Development & alpha discussions
Topic: TLSv1.2
Replies: 6
Views: 156

Re: TLSv1.2

But the really really cool thing is, that someone contacted me back.
A real live person who knows what TLSv1.2 actually is


I was really pleasantly surprised to receive multiple emails from a technical contact (that all arrived fine from a different ATO server using TLSv1.2)
by mattg
2018-11-08 10:37
Forum: Development & alpha discussions
Topic: TLSv1.2
Replies: 6
Views: 156

Re: TLSv1.2

And the main headline... 'Look after your Mental Health'

here's a link if need some sleep inducement >> https://www.ato.gov.au/misc/sbit/sbnews20181107.html
by mattg
2018-11-08 03:50
Forum: Development & alpha discussions
Topic: TLSv1.2
Replies: 6
Views: 156

Re: TLSv1.2

And yep, was the Tax office newsletter.

I've turned TLSv1.0 off again now, and I'll try and contact them to ask that they fix the security at their end...
by mattg
2018-11-08 03:40
Forum: Development & alpha discussions
Topic: TLSv1.2
Replies: 6
Views: 156

TLSv1.2

I figured that if Office365 can do it, so can I I turned off all TLS protocols EXCEPT for TLSv1.2 Something strange has happened I have an IP camera from a former client that tries to tell me that it's hard drive is full every hour or so. It tries to use SSLv3.0, which I haven't accepted for over a ...
by mattg
2018-11-07 23:55
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 212

Re: ALternative to Office 365 Message Encryption capabilities

mikedibella wrote:
2018-11-07 03:20
PM an email address and I'll send you a secure message as a demo.
That is just awesome, and exactly what I need

I'll contact you if I come across any problems


Thanks Heaps!!
by mattg
2018-11-07 23:53
Forum: General discussions
Topic: Relay and Header help
Replies: 7
Views: 1005

Re: Relay and Header help

OK Remove the rule, and the domain and all accounts (The rule won't achieve what you want, and the domain and accounts are not needed) Remove both IP ranges Create a new IP range for your LAN (eg 10.0.00 >> 10.0.0.255 or what ever your LAN IP range is) Allow all without SMTP AUthentication You only ...
by mattg
2018-11-07 15:57
Forum: General discussions
Topic: Send mails to inexistent accounts
Replies: 5
Views: 899

Re: Send mails to inexistent accounts

mattg wrote:
2018-11-07 15:41
If still having trouble

run this and show the results >> http://www.hmailserver.com/forum/viewto ... 20&t=30914
Then enable all logging, try to send mail again, wait unto the error, then post all logs created
by mattg
2018-11-07 15:41
Forum: General discussions
Topic: Send mails to inexistent accounts
Replies: 5
Views: 899

Re: Send mails to inexistent accounts

in hMailserver

Protocols >> Smtp >> Route


If still having trouble

run this and show the results >> http://www.hmailserver.com/forum/viewto ... 20&t=30914
Then enable all logging, try to send mail again, wait unto the error, then post all logs created
by mattg
2018-11-07 15:18
Forum: General discussions
Topic: Send mails to inexistent accounts
Replies: 5
Views: 899

Re: Send mails to inexistent accounts

If the domain exists locally on hMailserver, but the account doesn't, then a route would be needed to send to the remainder of the domain host if that exists. Domain there, account not there, no other hosting (and therefore no route) then mail rejected If the domain doesn't exist locally, hmailserve...
by mattg
2018-11-07 10:05
Forum: Scripting
Topic: Retrieve mail body and pass to batch file
Replies: 13
Views: 177

Re: Retrieve mail body and pass to batch file

ahmadkhaidir wrote:
2018-11-07 04:06
do you have any sample of OnAcceptMessage command?
https://www.hmailserver.com/documentati ... eptmessage
by mattg
2018-11-07 10:00
Forum: General discussions
Topic: server receives messages addressed to wrong domain
Replies: 8
Views: 1023

Re: server receives messages addressed to wrong domain

antons wrote:
2018-11-07 08:35
I would like to block them all.
As would we all

It is a continuous battle fighting SPAMMERs
by mattg
2018-11-07 02:53
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 212

Re: ALternative to Office 365 Message Encryption capabilities

Do you have it set to be an internet facing web portal that stores the encrypted pdfs, where a username and password is emailed (or better SMS'd) to the recipient (not a local email address)? Then yes, I'd love to see what you've done, and how Ciphermail has soo many features, that I was thinking of...
by mattg
2018-11-07 01:06
Forum: General discussions
Topic: Relay and Header help
Replies: 7
Views: 1005

Re: Relay and Header help

run this >> http://www.hmailserver.com/forum/viewto ... 20&t=30914

What else does your hmailserver do other than these forwards?
by mattg
2018-11-06 22:57
Forum: General discussions
Topic: Relay and Header help
Replies: 7
Views: 1005

Re: Relay and Header help

This bit "SMTPD" 5088 405 "2018-11-06 13:49:01.235" "<10.10.5.50>" "RECEIVED: RCPT TO:<Mike@companyname.com>" "DEBUG" 5088 "2018-11-06 13:49:01.251" "AWStats::LogDeliveryFailure" "SMTPD" 5088 405 "2018-11-06 13:49:01.251" "<10.10.5.50>" "SENT: 550 Unknown user" Means that you have the domain 'compan...
by mattg
2018-11-05 23:50
Forum: Feature requests
Topic: Country Code IP Block / Allow ( GeoIP )
Replies: 39
Views: 9148

Re: Country Code IP Block / Allow ( GeoIP )

and here is mine (we all approach this slightly differently) Sub OnClientConnect(oClient) 'uses functions: CustomMonthlyLog, Wait, RunCommandWithOutput eventlog.write oClient.IPaddress & " port number " & oClient.port dim oApp, oRanges, TempString, i, a, oRange TempString = "" Set oApp = CreateObjec...
by mattg
2018-11-05 11:46
Forum: General discussions
Topic: Error attempting to send mail
Replies: 2
Views: 868

Re: Error attempting to send mail

yep the diagnostics will show us, but you have 'require SSL/TLS for AUTH' checked in the IP range that applies to your NAS
by mattg
2018-11-05 00:51
Forum: General discussions
Topic: Yet another SSL thread
Replies: 11
Views: 1083

Re: Yet another SSL thread

SorenR wrote:
2018-11-05 00:12
And somewhere in the delivery chain there is an unencrypted link, so it is all for nothing. NSA already knows :mrgreen:
Absolutely correct

If you want to secure your messages, you need to use message level encryption, which is typically performed by mail clients, not mail servers
by mattg
2018-11-05 00:07
Forum: General discussions
Topic: hMailAdmin does not show UI after password entry....
Replies: 1
Views: 871

Re: hMailAdmin does not show UI after password entry....

Not seen that yet

Is it possible that the hmailADMIN.exe GUI is showing off visible screen?
Can you detail what Windows updates have recently installed
by mattg
2018-11-05 00:05
Forum: General discussions
Topic: Yet another SSL thread
Replies: 11
Views: 1083

Re: Yet another SSL thread

This bit ... in Thunderbird, changed Connection security from None to SSL/TLS (which automatically changed port to 995 - for POP3)... SSL/TLS is different to StartTLS StartTLS navigates to the server unencrypted, then after the servers greet each other, then they negotiate security. SSL/TLS navigate...
by mattg
2018-11-04 01:42
Forum: General discussions
Topic: Error Sending Emails to Specific Domain
Replies: 12
Views: 1103

Re: Error Sending Emails to Specific Domain

I presume that it is OK to leave it that way? The only issue is that you are giving google more information about websites you interact with. They monitor / record everything. The additional information that you are telling them is that they will match your public IP address with all of the DNS loo...
by mattg
2018-11-03 00:21
Forum: Feature requests
Topic: Country Code IP Block / Allow ( GeoIP )
Replies: 39
Views: 9148

Re: Country Code IP Block / Allow ( GeoIP )

Yep, the DNSBL seems to be working as usual

Although as this list is fairly static, perhaps someone has it cached in my DNS lookup chain
by mattg
2018-11-03 00:05
Forum: Feature requests
Topic: Country Code IP Block / Allow ( GeoIP )
Replies: 39
Views: 9148

Re: Country Code IP Block / Allow ( GeoIP )

Easiest way I have found is to add a DNSBL zz.countries.nerd.dk My expected result = 127.0.0.1-35|127.0.0.37-255|127.0.1.*|127.0.2.0-41|127.0.2.43-255|127.0.3.1-71|127.0.3.73-255 Which allows AU, NZ and USA full set of results is here >> http://countries.nerd.dk/isolist.txt (that is not loading for ...
by mattg
2018-11-02 23:45
Forum: General discussions
Topic: Failed to bind to IP address [external ip]
Replies: 4
Views: 955

Re: Failed to bind to IP address [external ip]

Settings >> Protocols >> SMTP >> Advanced >> delivery of e-mail >> bind to local IP address Make that blank ALSO Settings >> Advanced >> TCP/IP ports >> Make sure that all TCP/IP addresses are 0.0.0.0 unless you have a very specific reason NOT to do that If in doubt (or it is still not working), the...
by mattg
2018-11-02 23:40
Forum: General discussions
Topic: Relay and Header help
Replies: 7
Views: 1005

Re: Relay and Header help

First things first

Does Unity actually connect to hMailserver?

please enable all logging in hmailsevrer, try to force the connection from unity, wait at least 30 seconds or until you get an error in unity and post all logs created....

As a rule of thumb, Windows doesn't handle VLANs at all
by mattg
2018-11-02 23:30
Forum: General discussions
Topic: config ip:port with ssl-certificates for each domains
Replies: 2
Views: 896

Re: config ip:port with ssl-certificates for each domains

Questions: Now, I want to support the other domains with ssl-certifcates. How can I to this? You can't do this (and you don't need to - see below) you can have 1 SSL cert per port, but you can't have multiple SSL certs per port What I do (and what most ISPs, including gmail and Office365 do for the...
by mattg
2018-11-02 08:31
Forum: General discussions
Topic: Error Sending Emails to Specific Domain
Replies: 12
Views: 1103

Re: Error Sending Emails to Specific Domain

I'm pretty comfortable that is a local DNS error

your hMailserver is doing a DNS lookup immediately before the crashes
Change your DNS settings in windows (in your Windows network connections try setting your IPv4 DNS to 8.8.8.8 which is google's DNS server) and see what happens then
by mattg
2018-11-02 06:42
Forum: General discussions
Topic: Error Sending Emails to Specific Domain
Replies: 12
Views: 1103

Re: Error Sending Emails to Specific Domain

ALSO Debug logging will give a bit more info, can you enable debug logging as well please
by mattg
2018-11-02 06:40
Forum: General discussions
Topic: Error Sending Emails to Specific Domain
Replies: 12
Views: 1103

Re: Error Sending Emails to Specific Domain

SMTPD is your mail client connecting to your server It hasn't reached the stage yet where it is trying to send to the recipient server. Is it all messages? Is it all senders? Does sending to everyone at this domain create the same errors? It is something peculiar to your server. Run this and post th...
by mattg
2018-11-02 04:02
Forum: General discussions
Topic: Error Sending Emails to Specific Domain
Replies: 12
Views: 1103

Re: Error Sending Emails to Specific Domain

When you say "error received..." where exactly is this error received?

Can you please show the contents of your error log?
by mattg
2018-11-01 11:26
Forum: General discussions
Topic: Making LetsEncrypt Certificates usable for hMail
Replies: 6
Views: 1273

Re: Making LetsEncrypt Certificates usable for hMail

The full-chain.pem (as opposed to the chain.pem) means that the mail clients don't have to ask if the certificate is OK to use. You will likely find that the chain.pem is ONLY the CA certs and not your sert as well. You could open your cert in notepad, copy the entire contents (start and finish line...
by mattg
2018-11-01 07:47
Forum: General discussions
Topic: Installation of hmailserver in windows 2008 r2
Replies: 11
Views: 1101

Re: Installation of hmailserver in windows 2008 r2

mois22 wrote:
2018-11-01 04:45
Sorry, please, but I do not understand what I should do when it says to enable the whole record, in which part of it to do it
Settings >> logging >> select all options
by mattg
2018-10-31 23:14
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 212

Re: ALternative to Office 365 Message Encryption capabilities

The link to the 'homepage' on that page you linked to sent me to
https://www.ciphermail.com/index.html

That looks interesting. It has an open source variant and comes prepackaged in a couple of VM flavours including HyperV (Which I use).

Thanks for the link
by mattg
2018-10-31 23:04
Forum: General discussions
Topic: DKIM not applying
Replies: 8
Views: 1057

Re: DKIM not applying

for me the signing occurs between these two lines "DEBUG" 7600 "2018-10-31 17:37:33.995" "Local delivery completed" "DEBUG" 1460 "2018-10-31 17:37:34.011" "Ending session 48398" Also, my dkim key file has the extension .key NOT the .pem that you have, although it is in the same format as you describ...
by mattg
2018-10-31 22:54
Forum: General discussions
Topic: Installation of hmailserver in windows 2008 r2
Replies: 11
Views: 1101

Re: Installation of hmailserver in windows 2008 r2

mattg wrote:
2018-10-31 00:07
#2 enable all logging, do whatever you are that provides a problem, wait at least 90 seconds, and post all logs created
by mattg
2018-10-31 22:52
Forum: General discussions
Topic: Mysql express password
Replies: 1
Views: 890

Re: Mysql express password

MS SQL Server doesn't use username or password, it uses Windows credentials

Check the permissions of the WIndows user that hMailserver SERVICE runs under, for access to the MS SQL Express
You may need to change the hMailserver SERVICE user
by mattg
2018-10-31 15:48
Forum: General discussions
Topic: cannot connect to email
Replies: 6
Views: 971

Re: cannot connect to email

For some unknown reason when you run the internal diagnostics, a web server and not a mail server answers on port 25 note the received: HTTP/1.0.200 OK in the internal diagnostics... compare that to the hMailserver response of received: 220 mail.hmailserver.com ESMTP check and re-check your router f...
by mattg
2018-10-31 15:39
Forum: General discussions
Topic: DKIM not applying
Replies: 8
Views: 1057

Re: DKIM not applying

Why is the selector 'scms' ?


ALSO, I think that the account needs to authenticate. Does it do that?
Can you show some logs please
by mattg
2018-10-31 06:31
Forum: General discussions
Topic: Delete & Move of emails more than ~20 fails through IMAP with no error
Replies: 11
Views: 2221

Re: Delete & Move of emails more than ~20 fails through IMAP with no error

How many mail messages are being moved?
Is this via LAN?

Can you enable all logging, and show at least 10 minutes of logging when this is happening
by mattg
2018-10-31 02:49
Forum: Off-topic discussions
Topic: ALternative to Office 365 Message Encryption capabilities
Replies: 7
Views: 212

ALternative to Office 365 Message Encryption capabilities

https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-new-message-encryption-capabilities This looks really interesting I'd like to implement an open source alternative Any ideas?? Essentially I want to accept mail on my hmailserver, and only allow access to account holders on my serv...
by mattg
2018-10-31 00:07
Forum: General discussions
Topic: Installation of hmailserver in windows 2008 r2
Replies: 11
Views: 1101

Re: Installation of hmailserver in windows 2008 r2

#1 run this and post the results >> http://www.hmailserver.com/forum/viewtopic.php?f=20&t=30914 #2 enable all logging, do whatever you are that provides a problem, wait at least 90 seconds, and post all logs created #3 try in different words to explain in more detail exactly what you did and what yo...
by mattg
2018-10-30 23:58
Forum: General discussions
Topic: DKIM not applying
Replies: 8
Views: 1057

Re: DKIM not applying

DKIM signing only applies to external addresses, not addresses hosted locally on your hMailserver

I get lines like this in my logs

"DEBUG" 9020 "2018-10-31 07:57:02.144" "Signing message using DKIM..."
by mattg
2018-10-30 00:40
Forum: General discussions
Topic: cannot connect to email
Replies: 6
Views: 971

Re: cannot connect to email

Is thunderbird on same machine? or different machine?
If different, same LAN? or Internet?

Can you please run the internal diagnostics and post the results. Don't change the 'outbound port 25 hostname'
by mattg
2018-10-29 14:46
Forum: General discussions
Topic: Account rules not applying
Replies: 10
Views: 1117

Re: Account rules not applying

please show your rules in entirety (screen shot is great), and also headers and SMTP logs of a message that gets past, that shouldn't
by mattg
2018-10-29 03:30
Forum: General discussions
Topic: Upgrading Database and SSL
Replies: 32
Views: 2088

Re: Upgrading Database and SSL

Headers are unlikely to show any detail of the connection

The ONLY way to tell is check your logs
Connection Encryption shows up under TCP/IP logging
by mattg
2018-10-29 01:33
Forum: General discussions
Topic: Upgrading Database and SSL
Replies: 32
Views: 2088

Re: Upgrading Database and SSL

I don't understand what you want me to look at...

What has your webmail got to do with sending mail to gMail?
How is the mail sent to gmail? DO you have logs
Where is the error?

Is your question about SSL vs NON-SSL connections from your webmail to your mailserver?
Which webmail have you updated?
by mattg
2018-10-28 02:32
Forum: Off-topic discussions
Topic: Port 143 attack
Replies: 27
Views: 665

Re: Port 143 attack

so same password, 2200+ different IP addresses, all port 993 Are they all trying the same password? How can you test? Wireshark perhaps I think if the same password then a coordinated DDOS from lots of IPs, if a different password is tried then I think a coordinated attempt to compromise your server...
by mattg
2018-10-27 22:56
Forum: Off-topic discussions
Topic: Port 143 attack
Replies: 27
Views: 665

Re: Port 143 attack

That's got to be a well coordinated, planned attack. What motivates these idiots to do this stuff, and my guess is that means that they have at least 2200 machines under their control that don't know that they are being used... Presumably there is a central machine organising this, and setting the n...
by mattg
2018-10-27 04:48
Forum: User-submitted tutorials
Topic: Force TLS1.2 on Windows 7 and Server 2008
Replies: 3
Views: 269

Re: Force TLS1.2 on Windows 7 and Server 2008

I've found that - Machines that were Windows 7 and were upgraded to Windows 10 need this - simply enabling TLS v1.2 isn't enough. You actively need to disable all of the other protocols - This matters for email sent from scripts - this matters for multiple mail clients, including Outlook and Thunder...
by mattg
2018-10-27 04:43
Forum: General discussions
Topic: Understanding the SSL/TLS ciphers list
Replies: 11
Views: 1643

Re: Understanding the SSL/TLS ciphers list

Looking at this again with a view to hopefully switch off all but TLS v1.2 very soon (given Office365.com's decision to do that from 1 November 2018) In the last month, I have had:- - 1 connection that was TLS 1.1, and this was from a local government educational institution - about four regular sen...