Search found 632 matches

by RvdH
2019-03-08 10:13
Forum: General discussions
Topic: DKIM Error Shown In Outlook Message Header
Replies: 19
Views: 371

Re: DKIM Error Shown In Outlook Message Header

palinka wrote:
2019-03-07 12:58
How long ago did you set up the dns record? Could be a propagation issue.

Also, this is handy for testing: https://dkimvalidator.com

There are other sites that help you test as well.
Alternative: https://www.port25.com/authentication-checker/
by RvdH
2019-03-01 19:26
Forum: SpamAssassin implementation discussions
Topic: Usefull SA Plugins
Replies: 2
Views: 179

Re: Usefull SA Plugins

SorenR wrote:
2019-03-01 17:27
NOTE: HashBL is already part of SA 3.4.2 standard plugins. All you need to do is create the config HashBL.cf
Nah, it isn't...SA 3.4.2 uses 0.001 and the github link for HASHBL above is 0.003 that includes the splitting into BLACK/GREY rules
by RvdH
2019-03-01 14:29
Forum: SpamAssassin implementation discussions
Topic: Usefull SA Plugins
Replies: 2
Views: 179

Usefull SA Plugins

Useful SpamAssassin Plugins The purpose of this topic is to share information on (custom) plugins that can be used with SpamAssassin used by forum members here DecodeShortURLs This plugin looks for URLs shortened by a list of URL shortening services and upon finding a matching URL will connect usin...
by RvdH
2019-02-21 21:10
Forum: SpamAssassin implementation discussions
Topic: Spamassassin 3.4.2 released
Replies: 63
Views: 4401

Re: Spamassassin 3.4.2 released

"Severity: 3 (Medium), Code: HM5157, Source: SpamAssassinClient::OnReadError, Description: There was a communication error with SpamAssassin. hMailServer tried to retrieve data from SpamAssassin but the connection to SpamAssassin was lost. The WinSock error code is 2. Enable debug logging to retrie...
by RvdH
2019-02-20 10:33
Forum: SpamAssassin implementation discussions
Topic: Spamassassin 3.4.2 released
Replies: 63
Views: 4401

Re: Spamassassin 3.4.2 released

jimimaseye wrote:
2019-02-20 10:11
Woo hoo.

So, who is the first to go for it and report back?
So far so good.... make a backup off your \etc\spamassassin folder, as it seems the installer overwrites all .pre files inside (luckily i did that)
by RvdH
2019-02-15 20:07
Forum: Off-topic discussions
Topic: ClamAV hangs server
Replies: 15
Views: 603

Re: ClamAV hangs server

I too use ClamAV via SpamAssassin and must admit that I am thinking of killing ClamAV via hMailServer as 99% of my ClamAV hits come via SpamAssassin. Does SA delete the attachment? I thought it just assigned a score. I rather prefer the slightly safer road of deleting the attachment. I changed my s...
by RvdH
2019-02-15 11:20
Forum: Off-topic discussions
Topic: ClamAV hangs server
Replies: 15
Views: 603

Re: ClamAV hangs server

Yes, I installed updates this week...yesterday after 23:00, so that can't be the issue ;) I have enabled debug login for clamd for the time being...lets see what happens Btw, memory usage on this particular server is almost constantly somewhere between 80 and 84%, could it be a lack of free memory? ...
by RvdH
2019-02-15 09:09
Forum: Off-topic discussions
Topic: ClamAV hangs server
Replies: 15
Views: 603

Re: ClamAV hangs server

FYI: I have both VirusScan and Spam checking Maximums set to: 2048 for Maximum message size to virus scan (KB) in hmailServer Now i think of it, isn't it a bit of waste of resources on the server to use both ClamAV in hmailserver and enable clamav.pm in SpamAssassin? Each message is checked twice th...
by RvdH
2019-02-15 09:05
Forum: Off-topic discussions
Topic: ClamAV hangs server
Replies: 15
Views: 603

ClamAV hangs server

Yesterday ClamAV has hung the SMTP traffic on our server for a unknown reason, it seem to have started after ClamAV correctly reloaded Databases After that (21:06) almost no SMTP traffic was possible until about an hour later (22:09) when ClamAV detected a Database modification but could not correct...
by RvdH
2019-02-07 18:03
Forum: Scripting
Topic: Delete attachment in spam
Replies: 5
Views: 313

Re: Delete attachment in spam

SorenR wrote:
2019-02-07 18:00
Major flaw... You are not passing the "oMessage" object to the function. AND you need to save the oMessage object after any changes.
Oops...even I did not see that :oops:
by RvdH
2019-02-07 17:23
Forum: Scripting
Topic: Delete attachment in spam
Replies: 5
Views: 313

Re: Delete attachment in spam

Remove all Attachments oMessage.Attachments.Clear() Remove individual Attachments for i = 0 to oMessage.attachments.count ' attachment oMessage.attachments(i).Delete() next 'i or for i = 0 to oMessage.attachments.count ' attachment oMessage.attachments.Item(i).Delete() next 'i And last oMessage.Save
by RvdH
2019-02-06 16:20
Forum: General discussions
Topic: Problem. Sometimes HMailServer behaves like an open relay!!!
Replies: 1
Views: 297

Re: Problem. Sometimes HMailServer behaves like an open relay!!!

"SMTPD" 652 11001 "2019-02-06 02:10:42.132" "185.231.245.49" "RECEIVED: AUTH PLAIN" "SMTPD" 652 11001 "2019-02-06 02:10:42.133" "185.231.245.49" "SENT: 334 Log on" "SMTPD" 3044 11001 "2019-02-06 02:10:42.188" "185.231.245.49" "RECEIVED: admin@mydomen.net ***" "SMTPD" 3044 11001 "2019-02-06 02:10:42...
by RvdH
2019-02-05 10:27
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

@SorenR I used ASN logging as in your example above and have found prove some listed are used to send spam only I decided to score various ASN entries higher (using spamassassin) Example ### ASN scores ### ifplugin Mail::SpamAssassin::Plugin::ASN # AS16276 OVH SAS header ASN_AS16276 X-ASN =~ /\b(162...
by RvdH
2019-02-02 03:15
Forum: General discussions
Topic: Urgent help please, spammers using my server
Replies: 25
Views: 3848

Re: Urgent help please, spammers using my server

For the ones who already downloaded fail2ban.zip, i pushed a new version (1.1.0.2) that fixes a NullReferenceException
by RvdH
2019-01-31 09:43
Forum: General discussions
Topic: Urgent help please, spammers using my server
Replies: 25
Views: 3848

Re: Urgent help please, spammers using my server

In the OnClientLogon(oClient) event, oClient.Username always holds the value passed when authenticating the user, in later events like OnSmtpData, OnAcceptMessage the oClient.Username is empty when authentication has failed (to be compatible with current behavior/scripts) OnSmtpData, OnAcceptMessag...
by RvdH
2019-01-30 18:11
Forum: General discussions
Topic: Urgent help please, spammers using my server
Replies: 25
Views: 3848

Re: Urgent help please, spammers using my server

i can share a program i wrote if you wish to report to blocklist.de using their API Yes please How to use? First you need to register a account on blocklist.de, https://www.blocklist.de/en/register.html to get your own API key Download fail2ban.zip (Requires Net 4.5) fail2ban Options: -a, --apikey=...
by RvdH
2019-01-30 01:06
Forum: General discussions
Topic: Urgent help please, spammers using my server
Replies: 25
Views: 3848

Re: Urgent help please, spammers using my server

Not a direct instant help but do you and us a favor and report this Bastard to the Networkowners Antispam Department $ whois 221.237.208.10 % Information related to '221.236.0.0 - 221.237.255.255' inetnum: 221.236.0.0 - 221.237.255.255 netname: CHINANET-SC descr: CHINANET Sichuan province network d...
by RvdH
2019-01-29 17:59
Forum: General discussions
Topic: Fresh installed HMAIL server runs out of memory.
Replies: 12
Views: 907

Re: Fresh installed HMAIL server runs out of memory.

Have you excluded the \Data\ and \Temp\ folder for realtime scanning in McAfee Livesafe?
by RvdH
2019-01-19 22:31
Forum: General discussions
Topic: Error download mail external pop
Replies: 37
Views: 1924

Re: Error download mail external pop

mic.max wrote:
2019-01-19 21:07
I downgrade to 5.6.7 latest production release and seems to work fine, no error log and minidump! Why this?
64-bit support is very experimental, hence the lack of a official 64-bit distribution on the official channel... could be as simple as a wrong int/size conversion
by RvdH
2019-01-19 19:45
Forum: General discussions
Topic: Linux port with .NET core - a possibility?
Replies: 4
Views: 790

Re: Linux port with .NET core - a possibility?

hMailServer is a free, open source, e-mail server for Microsoft Windows.
But hey, the source is available...what is holding you back to try?
by RvdH
2019-01-19 14:08
Forum: General discussions
Topic: Upgrading Database and SSL
Replies: 2
Views: 616

Re: Upgrading Database and SSL

What is your question :?:
by RvdH
2019-01-16 19:09
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Hi SorenR, Why the VARCHAR (192) And not simply use the default VARCHAR (255) Maybe Expecting uft8mb4? I also noticed you used that VARCHAR (192) in your IDS code, but there is a maximum of 15 chars for IPv4 and 45 for IPv6 addresses... https://stackoverflow.com/questions/1076714/max-length-for-clie...
by RvdH
2019-01-16 11:27
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

I have updated the lookup component (v1.3.0.1) The code below, should return everything now ********** strIP = "185.222.209.40" Dim a, b, element, group, strLookup a = Split(strIP, ".") With CreateObject("DNSLibrary.DNSResolver") strLookup = .TXT(a(3) & "." & a(2) & "." & a(1) & "." & a(0) & ".zz.co...
by RvdH
2019-01-16 00:11
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Spamassassin is using it... c:\SpamAssassin\share\3.004000\updates_spamassassin_org\25_asn.cf Added header; X-Spam-ASN: AS57043 185.222.209.40/32 Since two or three versions back SpamAssassin started including ASN numbers in Bayesian data to identify Spammers by Internet router. I was just wonderin...
by RvdH
2019-01-15 19:26
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Something seems off with that TXT record, it looks like a single string :shock: , see https://mxtoolbox.com/SuperTool.aspx?action=txt%3a40.209.222.185.asn.routeviews.org&run=networktools dig 40.209.222.185.asn.routeviews.org TXT ; <<>> DiG 9.11.0-P1 <<>> 40.209.222.185.asn.routeviews.org TXT ;; glob...
by RvdH
2019-01-15 12:30
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Well Ruud, It seems as those pesky ISO 3166-1 alpha-3 IS the way to go. I reconfigured my system before I went to bed this morning and this is what I got... The "old" NerdLookup() is calling the "new" NerdLookupTXT() in order to get both solutions. I hate to say this to you, but you are wrong...and...
by RvdH
2019-01-13 12:40
Forum: General discussions
Topic: How to Use Rules to filter X-Google-Original-From for mail downloaded from External Account
Replies: 30
Views: 1499

Re: How to Use Rules to filter X-Google-Original-From for mail downloaded from External Account

Mail downloaded from external account?
What about the X-hMailServer-ExternalAccount header? Can't you do something with that?
by RvdH
2019-01-13 11:32
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 2109

Re: Can i do an autban script based on this?

How about strict security to stop unauthorised persons looking at random script files on your server in the first place? I'm pretty sure that if anyone had gained access to your system and shouldn't be there, the last thing they will be looking at is some unknown script file in a 3rd party software...
by RvdH
2019-01-11 22:22
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Another example: dig +short 180.227.49.37.zz.countries.nerd.dk TXT "is" "ee" That's a bug... The IP address belongs to Iceland. Get your own copy ... :mrgreen: mkdir -p rsync/dg rsync -a rsync://countries-ns.mdc.dk/zone/ rsync cat rsync/zz.countries.nerd.dk.rbldnsd zz.countries.nerd.dk.rbldnsd.add ...
by RvdH
2019-01-11 18:17
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Another example:

Code: Select all

dig +short 180.227.49.37.zz.countries.nerd.dk TXT
"is"
"ee"
by RvdH
2019-01-11 17:36
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

No, not really...probably used that On Error Resume Next when debugging zz.countries.nerd.dk sometimes returns 2 TXT records, for example 'eu' and 'nl' for a single ip, as i prefer to allow the 'nl' and not the 'eu' i added that countryCodeAlt to filter out those duplicates, example: https://www.hma...
by RvdH
2019-01-11 13:48
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Mmm, OK i see But why allow 3 attempts (using the IDS code) on any port other then port 25? I block those instantly Dim strRegEx : strRegEx = "^(nl|be|eu|zz)$" If (oClient.Port <> 25) Then If Not Lookup(strRegEx, NerdLookup(oClient.IPAddress)) Then ' countries.nerd.dk Call AutoBan(oClient.IPAddress,...
by RvdH
2019-01-11 12:21
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Shouldn't this: Sub OnClientConnect(oClient) ' Only test SMTP traffic If (InStr("|25|587|465|", oClient.Port) > 0) Then ' IDS test for SYN flood etc. Call idsAddIP(oClient.IPAddress, 0) End If End Sub Be: Sub OnClientConnect(oClient) ' Only test SMTP traffic If (InStr("|25|587|465|", oClient.Port) >...
by RvdH
2019-01-11 11:56
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

@SorenR
Your IDS code only should be used if greylisting is disabled, right? Might be worth to mention that in the instructions

As with greylisting enabled en frequent retries the IDS entries popup like mushrooms :lol:
by RvdH
2019-01-11 00:56
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

How is Calling oDB.ExecuteSQL(strSQL) 2 times, code optimization? Function idsAddIP(sIPAddress, iPort) Dim strSQL, oDB : Set oDB = GetDatabaseObject strSQL = "INSERT INTO " & idsTable & " (timestamp,ipaddress,port,hits) VALUES (NOW(),'" & sIPAddress & "'," & iPort & ",0) ON DUPLICATE KEY UPDATE hits...
by RvdH
2019-01-11 00:46
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 2109

Re: Can i do an autban script based on this?

mats wrote:
2019-01-05 13:51

Code: Select all

Const sAdminPassword = "<ADMINISTRATORPASSWORD>"
The included backup script in Hmailserver.
Just add a msgbox sAdminPassword and you are done,. That is the current security level.
That is exactly why i said with password stored in a CONST you could, but then again simply do not do that!
by RvdH
2019-01-11 00:37
Forum: Scripting
Topic: Want to Autoban some special spammer
Replies: 38
Views: 2814

Re: Want to Autoban some special spammer

Function idsAddIP(sIPAddress, iPort) Dim strSQL, oDB : Set oDB = GetDatabaseObject strSQL = "INSERT IGNORE INTO " & idsTable & " (timestamp,ipaddress,port,hits) VALUES (NOW(),'" & sIPAddress & "'," & iPort & ",0);" Call oDB.ExecuteSQL(strSQL) strSQL = "UPDATE " & idsTable & " SET hits=(hits+1) WHER...
by RvdH
2019-01-05 03:49
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 2109

Re: Can i do an autban script based on this?

it's simple to do a msgbox of the password when it is stored in cleartext in the script, I don't believe we have to discuss that further Please show me how, i could not do it....and i doubt you can do it either, Sure, if you stored the password in a CONST you could, but then again simply do not do ...
by RvdH
2019-01-04 17:21
Forum: General discussions
Topic: SSL/TLS -- STARTTLS
Replies: 14
Views: 1027

Re: SSL/TLS -- STARTTLS

@ mattg how do you (if you did) update the cipherlist used by hmailserver for use with tls 1.2 only? https://www.openssl.org/docs/man1.0.2/apps/ciphers.html openssl ciphers -v TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx...
by RvdH
2019-01-04 12:33
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 2109

Re: Can i do an autban script based on this?

Simply to prevent someone from doing msgbox "here is the secret password" and that's the part where I'm going to bluntly steal some code ;) And how exactly does your solution prevent the msgbox "here is the secret password" example you referred to yourself earlier? (Not saying MsgBox "here is the s...
by RvdH
2018-12-28 00:56
Forum: General discussions
Topic: Which antivirus to use?
Replies: 11
Views: 675

Re: Which antivirus to use?

https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829 How should that help him? He likes to ditch Clam as you can read @nschoot, the amount of RAM used by ClamAV is outrageous, i agree...but there are very few (working) alternatives Some people tried Windows Defender/MSE, but in my experienc...
by RvdH
2018-11-27 12:35
Forum: General discussions
Topic: What is hm_messagereceipients good for?
Replies: 5
Views: 533

Re: What is hm_messagereceipients good for?

The message is temporary stored there until the message is delivered to all included recipients, after delivery it should be cleared https://github.com/hmailserver/hmailserver-net/blob/master/hMailServer.Repository.MySQL/MessageRepository.cs public async Task<Message> GetMessageToDeliverAsync() { us...
by RvdH
2018-11-17 12:24
Forum: General discussions
Topic: New install/configuration seems to be working but no mails to/from the outside world
Replies: 36
Views: 1672

Re: New install/configuration seems to be working but no mails to/from the outside world

This is no good,

dktucson.dyndns-mail.com 60 IN A 69.136.126.139
dktucson.dyndns-mail.com 60 IN MX 10 resolver1.opendns.com
by RvdH
2018-11-14 17:38
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

And let dominik scan his PC/device for malware/virus infections
by RvdH
2018-11-14 17:32
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

Glad we could help (make sure you change the password for that dominik account before enabling it again)
by RvdH
2018-11-14 17:23
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

External to External with AUTH is the default setting What it allows say is for me to AUTH with matt@example.com and send FROM potus@whitehouse.com @matt I get that, but i don't see why one would allow this? common usage would be forwarding the messages from the document scanner to the world etc. I...
by RvdH
2018-11-14 17:16
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

@Armin79

Like matt said, i'll bet your mail queue is still flooded with messages (that might have caused the slow down)
by RvdH
2018-11-14 16:49
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

mattg wrote:
2018-11-14 16:37
External to External with AUTH is the default setting
What it allows say is for me to AUTH with matt@example.com and send FROM potus@whitehouse.com
@matt
I get that, but i don't see why one would allow this?
by RvdH
2018-11-14 16:16
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

Allowing External To External deliveries for any of your ip ranges seems somewhat odd, even when you require Authentication for it....i have not enabled External To External on any ip range Then there is your TCPIP PORTS...what the hell did you do there? And for what? With SMTPD logs i mean the line...
by RvdH
2018-11-14 15:50
Forum: General discussions
Topic: Problems with spams sent through my server
Replies: 16
Views: 1159

Re: Problems with spams sent through my server

You need to look at your SMTPD logs, that is where the user sending those mails logs in/connects

If you need more help we wil need a detailed diagnostic report...
Run this, and post its results here
by RvdH
2018-11-10 13:33
Forum: General discussions
Topic: Are password changes logged?
Replies: 6
Views: 2410

Re: Are password changes logged?

If you use a webmail client like roundcube and allow user to change their password you can enable login there

\plugins\password\config.inc.php

Code: Select all

// Enables logging of password changes into logs/password
$config['password_log'] = true;
by RvdH
2018-11-09 19:22
Forum: Off-topic discussions
Topic: VT Virtualization Feature after Win10 Update not longer avaiable
Replies: 2
Views: 538

Re: VT Virtualization Feature after Win10 Update not longer avaiable

Wasn't is just because your boot file contained a entry 'hypervisorlaunchtype on'? https://marcofranssen.nl/switch-between-hyper-v-and-virtualbox-on-windows/ Or perhaps they disbabled Virtualization by default in newer bios as for the L1 Terminal Fault (L1TF) exploit? I doubt they are releated to Sp...
by RvdH
2018-10-12 02:04
Forum: Development & alpha discussions
Topic: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)
Replies: 13
Views: 1462

Re: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)

I disagree, I think it is a very big plus the guys at OpenSSL finally try to get some things right, sticking with LibreSSL means we are stucked with the spaghetti code OpenSSL is finally trying to get rid off

For the long term, stick with OpenSSL...it only can get better!
by RvdH
2018-10-10 14:36
Forum: General discussions
Topic: Delete all mail for a specific account older than ##
Replies: 3
Views: 442

Re: Delete all mail for a specific account older than ##

Why not hook it up to a client like outlook and thunderbird and archive the old messages (then you still have a backup for management if they ask)

https://support.office.com/en-us/articl ... a5c33274f6
by RvdH
2018-10-03 16:19
Forum: General discussions
Topic: Prevent any authenticated logins except from whitelisted IPs
Replies: 4
Views: 436

Re: Prevent any authenticated logins except from whitelisted IPs

Yes, i think you can accomplish something like that fairly easily, but it really depends on the amount of IP-adresses that should be whitelisted what is the best approach to accomplish this. It is probably best to do this in the Experimental eventhandler OnClientLogon() in my custom builds and/or in...