Search found 809 matches

by RvdH
2019-11-19 09:46
Forum: General discussions
Topic: Fake SURBL DNSBL from local network
Replies: 14
Views: 183

Re: Fake SURBL DNSBL from local network

Could it be because of 'SURBL detection properly fails to detect url's ending with a query string issue #108' in < 5.7.0 builds?

Perhaps you could try my custom build, that should fix above issue
5.6.8-B2494.22.7z
(969.3 KiB) Downloaded 1 time
by RvdH
2019-11-15 13:11
Forum: General discussions
Topic: Fake SURBL DNSBL from local network
Replies: 14
Views: 183

Re: Fake SURBL DNSBL from local network

multi.surbl.org lists domain cb-killer.ru as a spammer, not hmailserver
hmailserver only checks the domain against multi.surbl.org

[EDIT]
I see your point... doing the lookup with http://www.surbl.org/surbl-analysis the result is: cb-killer.ru is NOT listed

Weird...cached DNS lookup result maybe?
by RvdH
2019-11-15 10:44
Forum: General discussions
Topic: Fake SURBL DNSBL from local network
Replies: 14
Views: 183

Re: Fake SURBL DNSBL from local network

Mmmm, right :!: :?:
...but what is your actual question?

cb-killer.ru is a existing domain, which actually can be listed in multi.surbl.org (and apparently is)
DNSBL lookups seem fine
by RvdH
2019-11-13 13:52
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

Has he also changed the default internet and Localhost rages Priority Only the 'My computer' range is higher, eg: 30 instead of the 15 it was before.... 'Internet' range is still 10 Nothing changed for me - meaning I upgraded and my old settings remained the same, but the new autoban = 100 was unkn...
by RvdH
2019-11-13 11:03
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

The change of the 'My computer' range i kinda could understand, as a default install with previous value (15) would lockout localhost when auto-ban (20) is enabled...but once he also changed the auto-ban priority in 5.7.x the change to the 'My computer' range is redundant again I have also posted th...
by RvdH
2019-11-13 09:57
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

mattg wrote:
2019-11-13 08:18
Has he also changed the default internet and Localhost rages Priority
Only the 'My computer' range is higher, eg: 30 instead of the 15 it was before.... 'Internet' range is still 10
by RvdH
2019-11-13 00:50
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

palinka wrote:
2019-11-13 00:47
I guess that's the answer. Problem solved.
I know :)

But i am still a bit curious why martin changed that value in 5.7.x, i really can't see a reason for that and as it shows it breaks running instances...so it is a silly change in my opinion
by RvdH
2019-11-13 00:14
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

Autoban priority is changed in 5.7.x https://www.hmailserver.com/forum/viewtopic.php?f=7&t=34313 ONLY on the version used by that user ie Dravion's version hMailserver still sets them at 20 No, maybe your used scripts do, but hmailserver 5.7.x internally set them to 100 (eg: a faulty login via webm...
by RvdH
2019-11-12 21:41
Forum: General discussions
Topic: Autoban weirdness
Replies: 16
Views: 276

Re: Autoban weirdness

Autoban priority is changed in 5.7.x

https://www.hmailserver.com/forum/viewt ... =7&t=34313
by RvdH
2019-11-05 11:03
Forum: General discussions
Topic: Issue to connect
Replies: 7
Views: 406

Re: Issue to connect

What libmysql.dll do you have? Currently hmailserver is only working with libmysql.dll 5.x and won't work with libmysql.dll 8.x
by RvdH
2019-09-24 10:39
Forum: General discussions
Topic: Urgent help! Why can someone send an email through my mail server without verification?
Replies: 16
Views: 1886

Re: Urgent help! Why can someone send an email through my mail server without verification?

You have a compromised account (username: hnjz), by default hmailserver allows a authenticated user to send from any emailaddress for the domains you own/host Many of us use scripts to only allow authenticated users in same domain or only from the authenticated account, below you find some examples ...
by RvdH
2019-09-21 01:43
Forum: General discussions
Topic: Migration Recommendations - Server 2008 to Server 2019.
Replies: 6
Views: 562

Re: Migration Recommendations - Server 2008 to Server 2019.

Based on your hardware in use, a 3gb backup, should be taken care of within minutes on modern hardware, read SATA/NVME SSD...i would not worry to much about downtime If you are going to have to change DNS records i could be wise to set them TTL levels as low as you can before monday, the shorter the...
by RvdH
2019-09-20 21:49
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

No, you are out of luck then, mail forwarded to external email addresses through aliases and distribution list are never DKIM signed
by RvdH
2019-09-11 15:06
Forum: General discussions
Topic: Issues After victualing server
Replies: 5
Views: 432

Re: Issues After victualing server

Firewall exceptions added?
by RvdH
2019-09-04 11:32
Forum: General discussions
Topic: Microsoft and Gmail are refusing our emails
Replies: 1
Views: 257

Re: Microsoft and Gmail are refusing our emails

Hard to help you to find the issue without the actual domain name and/or IP address
by RvdH
2019-09-03 22:33
Forum: General discussions
Topic: Autoban problem
Replies: 5
Views: 431

Re: Autoban problem

In 5.6.x the autoban priority is 20 so therefor the documentation is correct

You sure you are not using 5.7.x?
by RvdH
2019-09-03 19:28
Forum: General discussions
Topic: Autoban problem
Replies: 5
Views: 431

Re: Autoban problem

For 5.7.x, simply increase (higher than 100) the priority for webmail address (probably 127.0.0.1 if ran on same server)?

Version 5.7.x is not out yet (officially), so the documentation is up to date
by RvdH
2019-09-02 00:23
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

No, yahoo never send a mail to gmx, so the NDR to yahoo makes no sense...

If you do not understand that, were done talking...back to school for you!
Without SRS (linked to above) we never, ever will be able to do what you want, request.....simple as that!!!
by RvdH
2019-09-01 09:21
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

I still believe the way you test this is all wrong, NDR are sent/should be sent to local accounts only And only NDR received by local account, forwarded to external are DKIM signed as explained on github pull request please run your test the other way around, set a forward to yahoo on test@freeze an...
by RvdH
2019-09-01 01:14
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

What? Why should the NDR be send back to yahoo account? That doesn't make any sense at all as the mail from yahoo -> freeze was successfully delivered...anything after that isn't to any concern to yahoo account It could, with SRS ...but this isn't supported by hmailserver (yet...or ever?) So you a p...
by RvdH
2019-08-31 08:06
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

I only see two external domains in the NDR...whats up with that? bhpclan@ymail.com dsgwemdiwufn@gmx.de From: mailer-daemon@freeze.ws To: bhpclan@ymail.com In the last "To:" address above i would at least expect a local domain and not a yahoo account, really don't know what you are doing, is that a r...
by RvdH
2019-08-30 22:49
Forum: General discussions
Topic: Using honeypots to catch spammers?
Replies: 16
Views: 1106

Re: Using honeypots to catch spammers?

I have some honeypots/spam traps in place that automatically are reported/contributed to blocklist.de DNSBL

A few usage examples
https://www.hmailserver.com/forum/viewt ... 97#p209597

scripts can easily be adapted for the more traditional honeypots (in OnSMTPData) you are referring to
by RvdH
2019-08-30 08:22
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

Ditch the rule, set the (freeze.ws) local host name under SMTP settings , as explained in the github pull request this makes the mailer-daemon@ address used by the mailserver freeze.png By using rule you set the From address before it reaches to code change in *.22, the change i made expects it to b...
by RvdH
2019-08-29 13:45
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

Ah...i think in know why it works for me, sometimes... When the NDR domain EnvelopeFrom and From address use the same domain it works But when you use a second domain, different from EnvelopeFrom it will not work I have proposed a change in the code to martin, this at least give you the ability to g...
by RvdH
2019-08-29 11:15
Forum: Off-topic discussions
Topic: August Windows Update - potential risk?
Replies: 7
Views: 967

Re: August Windows Update - potential risk?

jimimaseye wrote:
2019-08-29 09:08
So everyone ok then?
Yep...no problem whatsoever
by RvdH
2019-08-29 00:05
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

1) RewriteEnvelopeFromWhenForwarding=1 enabled? 2) I think for this need the return-path header to be filled (Try option 1 again, only use the original mailer-daemon@mytld.com as 'From' address... i think this fills the return-path header) I get these results from a NDR report forwarded to gmail acc...
by RvdH
2019-08-28 18:32
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

Doesn't work either. The message is not signed. Not sure what you are trying to do and how you tested this....but above method is tested and working, when send to external address (either by forward rule or account forward) If server message is delivered to a local address the message is never sign...
by RvdH
2019-08-28 14:13
Forum: General discussions
Topic: Mobile Devices & IMAP - Missing Emails
Replies: 2
Views: 328

Re: Mobile Devices & IMAP - Missing Emails

Or you moved them to different folder that are not subscribed to on IOS/Android. Using different clients really messes up IMAP folders is my experience. For example you could have got one client using 'deleted items', the other 'trash' and for example outlook uses 'verwijderde items' (Dutch) for trash
by RvdH
2019-08-24 10:32
Forum: General discussions
Topic: Server Messages not signed?
Replies: 36
Views: 2489

Re: Server Messages not signed?

You can try to rewrite the mailer-daemon@ address to a existing account for which the domain name had DKIM enabled Taken from: https://www.hmailserver.com/forum/viewtopic.php?t=30139 Make a global rule criteria: From / contains / mailer-daemon X-hMailServer-LoopCount / equals / 1 action: Set header ...
by RvdH
2019-08-24 09:55
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

cool 8)
Now i dare to start thinking about switching to 5.7.x :mrgreen:
by RvdH
2019-08-24 07:21
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

But thinking about this I don't see an issue If someone tries to log in on port 143, and gets the user name incorrect - then this happens ..... Maybe for you this is not an issue, but the whole point for the OnClientLogon Event is to get triggered when client login fails/succeeds and right now it d...
by RvdH
2019-08-23 13:07
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

@martin, i have another pull request ready for IMAPCommandLogin.cpp The code as you have it now returns the login error before the onClientLogon Event in IMAPCommandLogin.cpp, actually i don't see the usage of the change you made there compared to 5.6.x branch I believe the the way 5.6.x handles th...
by RvdH
2019-08-23 01:38
Forum: Off-topic discussions
Topic: My Hmailserver professional usage....
Replies: 10
Views: 1013

Re: My Hmailserver professional usage....

When my 10+ year old "server" finally bit the dust after limping along a while, i bought a no-frills refurb office-style desktop online (no monitor, no extras) for about $140, with SSD and win 10 pro. It's plenty of horsepower for my needs even though it's a very basic system. Then i later bought a...
by RvdH
2019-08-20 21:58
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

@martin, i have another pull request ready for IMAPCommandLogin.cpp The code as you have it now returns the login error before the onClientLogon Event in IMAPCommandLogin.cpp, actually i don't see the usage of the change you made there compared to 5.6.x branch I believe the the way 5.6.x handles thi...
by RvdH
2019-08-20 21:51
Forum: Scripting
Topic: Critical error when eventhandlers is running my script
Replies: 24
Views: 2267

Re: Critical error when eventhandlers is running my script

Hello palinka Thank you for your suggestion. But unfortunately that doesn't work either. As I see it (https://www.hmailserver.com/documentation/latest/?page=scripting_onSMTPdata) oMessage.Body is not an option in the OnSMTPData Sub. But I have another question now... I have looked in the documentat...
by RvdH
2019-08-18 11:55
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

mattg wrote:
2019-08-18 11:36
As Martin has shown it is a 5.7 error.
I was on 5.6.8 until this morning (~8 hours ago)
A bit premature to switch, don't you think? Martin clearly stated 5.7.x is currently like a alpha build and should not be used in production as of yet
by RvdH
2019-08-18 10:05
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

What OS are you on? Dunno if it is related, but the spfverify.exe utility i wrote a while back for dynamic greylistwhitelisting has some issues resolving CNAME records (pop.gmail.com is CNAME record as well) on Windows Server 2012, on Windows 10 (or Server 2016) this seems no issue. spfverify.exe us...
by RvdH
2019-08-17 02:24
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

Wait for it... ;) All 'my and community' requested changes/fixes are incorporated in 5.7.x today, i believe we all have to wait for martin until he decides 5.7.x is ready as a mainstream, non-alpha, beta or full release If you're on 5.6.x, either official or my 'custom' build, stick with for the tim...
by RvdH
2019-08-16 17:13
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

I've merged the changes now. Did some fixes to indentation and added integration tests for it. Thanks! I noticed the indentation changes, how did this happen? Is there a setting for it somewhere in VS to get it synced with your indentation? EDIT: Open 'Tools' in the Visual Studio Menu and click on ...
by RvdH
2019-08-16 01:47
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

@martin I have a pull request for 5.7.x ready, as you might have seen? https://github.com/hmailserver/hmailserver/pull/292/commits/70a46e9872e5eb61a369773fa16a6beaef3f0b20 This is working, verified and tested code in the 5.6.x branch, you might want to review it though...i did what i did, and all wi...
by RvdH
2019-08-15 08:40
Forum: Development & alpha discussions
Topic: External POP3 Fetcher - DELE without RETR - crashing frequently
Replies: 26
Views: 2963

Re: External POP3 Fetcher - DELE without RETR - crashing frequently

5.7.0-B2468 you say? Why did you pick that version? That version did not contain the supposedly fix, as something went wrong reverting the unnecessary commit in the 5.6.8 branch Try 5.7.0-B2469 (you could have picked 5.7.0-B2464, 5.7.0-B2466 or 5.7.0-B2469...anyone of those, except 5.7.0-B2468 you s...
by RvdH
2019-08-13 14:19
Forum: Development & alpha discussions
Topic: External POP3 Fetcher - DELE without RETR - crashing frequently
Replies: 26
Views: 2963

Re: External POP3 Fetcher - DELE without RETR - crashing frequently

Something is off...
you reverted that changes in 'master' branch as well it seems :?:
by RvdH
2019-08-13 13:27
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

OnHelo & OnClientLogon Script Handlers, both very useful for scripting, blocking, reporting abusive IP's + Below a small list of small and easy fixes i have incorporated in 'my' custom builds Add Return-Path header as topmost header before sending the message to SA for SPF checking (+ delete Return...
by RvdH
2019-08-13 13:00
Forum: Development & alpha discussions
Topic: External POP3 Fetcher - DELE without RETR - crashing frequently
Replies: 26
Views: 2963

Re: External POP3 Fetcher - DELE without RETR - crashing frequently

BTW, was that fix even necessary for the 5.6.x branch? I believe that issue was introduced with the Handling of long UIDL response lists was too slow that is only part of the 5.7 branch code And as you're updating the 5.7.x build instructions/readme, https://github.com/hmailserver/hmailserver/commit...
by RvdH
2019-08-13 12:25
Forum: Development & alpha discussions
Topic: External POP3 Fetcher - DELE without RETR - crashing frequently
Replies: 26
Views: 2963

Re: External POP3 Fetcher - DELE without RETR - crashing frequently

The new 5.6.8 build with the fix applied is included here: https://build.hmailserver.com/viewLog.html?buildId=770&buildTypeId=HMailServer_BuildHMailServer56&tab=artifacts But if you're already using a newer experimental build, you can't install this one. So need to know what you're currently runnin...
by RvdH
2019-08-13 10:44
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

2. Fix ExternalFetcher DELE when no RETR, pull pull #254 Thanks!! So, this is your fix? SetReceiveBinary(false); https://github.com/hmailserver/hmailserver/pull/254/commits/260f999382e213dc05e2aded410baa13f0a2d899 Apparently, look here, https://github.com/hmailserver/hmailserver/issues/253 this fix...
by RvdH
2019-08-13 08:28
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 101
Views: 11198

Re: hMailServer 5.7

OnHelo & OnClientLogon Script Handlers, both very useful for scripting, blocking, reporting abusive IP's + Below a small list of small and easy fixes i have incorporated in 'my' custom builds Add Return-Path header as topmost header before sending the message to SA for SPF checking (+ delete Return-...
by RvdH
2019-08-09 15:36
Forum: Development & alpha discussions
Topic: New Boost/OpenSSL versions
Replies: 14
Views: 1802

Re: New Boost/OpenSSL versions

@martin

Do you read comments made on commits?
https://github.com/hmailserver/hmailser ... 6#comments
by RvdH
2019-08-09 00:00
Forum: Development & alpha discussions
Topic: Removing XP, Vista and Server 2003 support in 5.7
Replies: 6
Views: 1150

Re: Removing XP, Vista and Server 2003 support in 5.7

Those can still run 5.6.x, not?
You can't expect when using an ancient no longer supported OS the software that runs on it is latest of the latest
Want the latest, update your OS!

And for what i have seen it is only installer changes that check OS compatibility
by RvdH
2019-08-04 14:06
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

Yup, i am running 5.6.8-B2450.21 (*.21 are a few fixes and changes i made myself) Me too now. but works with: HIGH:!TLSv1:!SSLv3; gmail uses TLS cipher 1.3 as you mentioned Doing this now too thanks - we see how it goes. NOTE: This only is suitable if you only allow TLS 1.2 + 1.3 i know mattg does,...
by RvdH
2019-08-04 12:24
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

Yup, i am running 5.6.8-B2450.21 (*.21 are a few fixes and changes i made myself) my ISP (external download of POP3 messages) doesn't seem to support TLS 1.3 (yet) Still have to try with gmail, hotmail... EDIT: hotmail fails to make a valid TLS handshake using: HIGH:MEDIUM:!SHA1:!SHA256:!SHA384:!RC4...
by RvdH
2019-08-04 11:23
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

Do we have to list all allowed ciphers there? Or can this be shortened like: HIGH:MEDIUM:!SHA1:!SHA256:!SHA384:!RC4:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK; openssl ciphers -v HIGH:MEDIUM:!SHA1:!SHA256:!SHA384:!RC4:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any A...
by RvdH
2019-08-04 09:02
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

mattg wrote:
2019-08-04 00:01
I have updated mine a few times over the years
:?:
What is the point if it uses internal API ciphers list?
If i understand correctly this is only to explicitly disable some ciphers.... Docs are not very clear on this matter either
by RvdH
2019-08-03 22:05
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

So when we take the original ciphers list, eg; ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:EC...
by RvdH
2019-08-03 18:32
Forum: Development & alpha discussions
Topic: Disable SSLv3 in hMailServer >5.6.8
Replies: 38
Views: 4299

Re: Disable SSLv3 in hMailServer >5.6.8

Do we need a updated ciphers list for this within hmailserver as well?
https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

How is the ciphers list within hmailserver exactly build?

i mean for:
- SSL 3.0
+ TLS 1.3