Search found 184 matches

by ras07
2019-07-08 17:17
Forum: Development & alpha discussions
Topic: Sub OnHELO(oClient) progress?
Replies: 197
Views: 36748

Re: Sub OnHELO(oClient) progress?

Installed and using, no problems so far - thanks!
by ras07
2019-04-27 05:31
Forum: Development & alpha discussions
Topic: Sub OnHELO(oClient) progress?
Replies: 197
Views: 36748

Re: Sub OnHELO(oClient) progress?

Anyone who wish to help, can just create a Github Account and join the HCD Github Organization, so it doesnt depends all on 1 single person. ... Ok, there is a hell lot of work todo, but i think its totally worth it. Hey, I'd be in. It's been years (ok, decades) since I did anything serous in c/c++...
by ras07
2019-04-20 04:00
Forum: Development & alpha discussions
Topic: Sub OnHELO(oClient) progress?
Replies: 197
Views: 36748

Re: Sub OnHELO(oClient) progress?

Is it possible to tell OnHELO to reply with an SMTP code other than 542? I'm thinking that 421 might be useful, probably others ...
by ras07
2019-04-17 19:54
Forum: General discussions
Topic: Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards
Replies: 5
Views: 596

Re: Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards

Is it compatible for those of us running Windows DNS server (not 'bind')? [Entered by mobile. Excuse my spelling.] Can you do a split horizon with MS DNS? As I read it Lego needs to play with the public DNS to add some stuff to it. Lego... I have fond memories of my kids playing with Lego all over ...
by ras07
2019-04-17 17:18
Forum: General discussions
Topic: Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards
Replies: 5
Views: 596

Re: Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards

Is it compatible for those of us running Windows DNS server (not 'bind')? I'm not sure. It looks like Windows DNS server supports RFC2136 but not TSIG authentication. If your hMailServer machine can authenticate through Active Directory there might be a way to do it. Or, Lego has an external progra...
by ras07
2019-04-17 10:05
Forum: General discussions
Topic: Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards
Replies: 5
Views: 596

Lego: Windows-based auto-renewal of Let's Encrypt certs, including wildcards

I've been using Let's Encrypt certs for several years now. Their certs are only good for 90 days, and while there are some well-known ways to auto-renew them on Linux (which is what I've been doing, and then copying them over to my hMailServer machine) Windows support is pretty hit-or-miss. I wanted...
by ras07
2019-04-16 20:26
Forum: General discussions
Topic: SSL/TLS cert for multiple domains?
Replies: 6
Views: 712

Re: SSL/TLS cert for multiple domains?

It's not "client dependent", it's server dependent. Well, no, it's client dependent. You can write software to do whatever you want, and if you want it to ignore cert ownership, you certainly can. I know of at least several that do; the one on my Android phone, for instance (that was how this whole...
by ras07
2019-04-16 08:37
Forum: General discussions
Topic: SSL/TLS cert for multiple domains?
Replies: 6
Views: 712

Re: SSL/TLS cert for multiple domains?

Or is TLS support in SMTP (and IMAP) specifically designed to facilitate only encryption, and not authentication? Correct You need a cert that matches the 'local host name' in SMTP >> Delivery of email and that is it. Hmm, apparently this isn't correct for IMAP ... I imagine it's client-dependent, ...
by ras07
2019-04-15 05:52
Forum: General discussions
Topic: SSL/TLS cert for multiple domains?
Replies: 6
Views: 712

SSL/TLS cert for multiple domains?

Do you need to have a multi-domain (SAN) cert if your hmailserver instance supports multiple email domains (and answers to multiple domain names in MX records)? I always assumed yes, and I've always had SAN certs. But I recently added a new domain to my mail server and forgot all about the certifica...
by ras07
2018-07-13 21:54
Forum: General discussions
Topic: Sudden Service misbehaviour - help required (service fails to stop)
Replies: 50
Views: 5974

Re: Sudden Service misbehaviour - help required please

This is the second disaster Microsoft updates have caused for me THIS WEEK. :cry:

Unfortunately forced updates from MS are getting harder and harder to avoid. This is going to cause a lot of people a lot of problems.
by ras07
2018-07-13 20:16
Forum: General discussions
Topic: Sudden Service misbehaviour - help required (service fails to stop)
Replies: 50
Views: 5974

Re: Sudden Service misbehaviour - help required please

Same problem; removing the less-than-amusingly named 2018-07 Security and "Quality" Rollup for .NET solved it. Unbelievable.
by ras07
2018-06-01 19:58
Forum: Development & alpha discussions
Topic: Minor doc error
Replies: 2
Views: 1235

Minor doc error

The changelog for the beta says "Upgrade to OpenSSL 1.0.1o" - pretty sure it should be 1.0.2o

https://www.hmailserver.com/changelog/?version=5.6.8
by ras07
2017-01-20 19:31
Forum: Scripting
Topic: Way to auto-ban unknow user
Replies: 10
Views: 6918

Re: Way to auto-ban unknow user

As they say, I Am Not A Lawyer, but I'll just point out that we're talking about deleting mail that was sent to a non-existent account . So who, exactly, is "the law" going to presume the recipient is? If I write "To Fred" (and nothing else) on an envelope and drop it in the local post, I don't thin...
by ras07
2017-01-09 10:09
Forum: General discussions
Topic: Greylisting mystery
Replies: 4
Views: 1055

Re: Greylisting mystery

mattg wrote:That better?
Perfect!
by ras07
2017-01-08 06:47
Forum: General discussions
Topic: Greylisting mystery
Replies: 4
Views: 1055

Re: Greylisting mystery

A ha - Makes sense.

Might be worth a mention in the docs at https://www.hmailserver.com/documentati ... reylisting ... I was all over the docs trying to figure this out.
by ras07
2017-01-07 20:41
Forum: General discussions
Topic: Greylisting mystery
Replies: 4
Views: 1055

Greylisting mystery

Some (considerable) time ago, I was experimenting with greylisting. At the time I determined that it wasn't a good fit for my circumstances, and disabled it - or so I thought. Today I was looking for something else and happened to click on Greylisting in the Admin console. Lo and behold, Greylisting...
by ras07
2016-12-20 06:01
Forum: Off-topic discussions
Topic: Why RFC's arent always right.....
Replies: 7
Views: 3384

Re: Why RFC's arent always right.....

RFC's only matters to Programmers Well, I wouldn't go quite that far ... I'd imagine that many, if not most, "RFC compliant" services give users enough rope to hang themselves with in terms of configuring in a non-RFC compliant manner, if the user so chooses. Doing so is at your own risk, of course...
by ras07
2016-12-20 05:32
Forum: Off-topic discussions
Topic: Why RFC's arent always right.....
Replies: 7
Views: 3384

Re: Why RFC's arent always right.....

RFC5321 says that smtp banners should advertise the FQDN host name ... The words "must", "should", "may", etc. have very specific meanings in RFC language. Per RFC 2119 : 3. SHOULD This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to igno...
by ras07
2016-12-20 05:18
Forum: Feature requests
Topic: .ItemByName behavior
Replies: 7
Views: 1895

Re: .ItemByName behavior

I readily admit that I'm a bit vague on the distinction, but my understanding is that Nothing would be appropriate for an object, and Empty would be appropriate for a variant. Since the .ItemByName properties return an object (Application.Domains.ItemByName() returns a Domain object,for example) I a...
by ras07
2016-12-20 03:56
Forum: Feature requests
Topic: .ItemByName behavior
Replies: 7
Views: 1895

Re: .ItemByName behavior

That's a good idea - let me work on that.

In the larger scheme of things, I still think it would be a lot cleaner if all .ItemBy* properties would return Nothing if the item isn't found.

ras
by ras07
2016-12-19 23:48
Forum: Feature requests
Topic: .ItemByName behavior
Replies: 7
Views: 1895

Re: .ItemByName behavior

Yeah, that's about what I'm doing now ... but On Error Resume Next can hide a lot of programming faults or other errors that would otherwise be found. Would be a lot better not to have to use it.
by ras07
2016-12-19 20:37
Forum: Feature requests
Topic: .ItemByName behavior
Replies: 7
Views: 1895

.ItemByName behavior

Application.Settings.SecurityRanges.ItemByName(string sName) throws a "Subscript out of range" error if the named range doesn't exist. It looks like Domains.ItemByName and Accounts.ItemByAddress exhibit the same behavior; I haven't tested other .ItemBy... properties. Would it be possible to instead ...
by ras07
2016-12-19 19:59
Forum: Scripting
Topic: Script to rename Attachment file type
Replies: 49
Views: 13210

Re: Script to rename Attachment file type

Interesting ... I've seen something that sounds similar, although it has nothing to do with a script. When the virus checker (ClamAV) detects a virus, I have it set to delete attachments. When it does this it sometimes munges the message body. Here's a snipped of a raw .eml file that's been munged: ...
by ras07
2016-12-07 06:30
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

estradis wrote:We only ban intrusion attempts, not spammers. Maybe that's the difference.
Ah - yeah, that makes sense. (It's what I ended up doing as well.)
by ras07
2016-12-06 00:58
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

Interesting ... we have dramatically different spam experiences. A couple months ago I decided to auto-ban the most blatant of spamming IPs ... only those IPs who are on many different DNSBLs, and that repeatedly sent us only obvious spam. In less than 2 weeks the autoban list exceeded 3,000 entries...
by ras07
2016-11-28 08:47
Forum: General discussions
Topic: {REQ}php mail sender local
Replies: 3
Views: 2066

Re: {REQ}php mail sender local

https://www.hmailserver.com/documentation/latest/?page=reference_ssltls describes the various connection security options. https://www.hmailserver.com/documentation/latest/?page=reference_tcpipport describes how to set them. For STARTTLS (either optional or required) you will need an SSL certificate...
by ras07
2016-11-27 05:29
Forum: General discussions
Topic: {REQ}php mail sender local
Replies: 3
Views: 2066

Re: {REQ}php mail sender local

It looks like your sender (webmail?) is configured to require STARTTLS, but your server is not configured to accept STARTTLS. What exactly are you trying to do? In general, there's not a lot to be gained by encrypting localhost communication. Your IP is in the range used by a some pretty notorious I...
by ras07
2016-11-27 00:20
Forum: General discussions
Topic: Anti Spam BLACK LIST
Replies: 11
Views: 2263

Re: Anti Spam BLACK LIST

You can write a script to search through the headers looking for a particular domain(s), and then do what you want with it.

If you provide a little more detail on exactly what you want to do, we can probably point you in the right direction.
by ras07
2016-11-25 05:46
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

Yep, saw that. Was sort of assuming that was a cascading problem from the extra NL (figuring the scan for headers stopped at the double NL), but that's a presumption.
by ras07
2016-11-25 05:11
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

It's not that critical. I'm using RvdH's OnHELO mod, described at www.hmailserver.com/forum/viewtopic.php?t=30193 . There's certain HELO responses that are clearly spam-related, and I'd like to drop (and ban) them immediately. There are other responses that are technically invalid, but I don't want ...
by ras07
2016-11-25 04:44
Forum: General discussions
Topic: Qestion. How Can I SetUp local machine mail server sending outside to gmail hotmail etc..
Replies: 7
Views: 1423

Re: Qestion. How Can I SetUp local machine mail server sending outside to gmail hotmail etc..

With or without business-class broadband, virtually any provider will have an email gateway you can use for outbound SMTP. But, as jimimaseye points out, there's a fair bit of relatively esoteric knowledge necessary to run your own email server - it's not overly hard, but it is fairly involved. It's...
by ras07
2016-11-23 22:33
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

You do not want to modify oMessage in any way at this stage. Use the next event. Actually that's kind of the motivation for what I'm trying to do. I'd like to do some checks in OnSMTPData, and then take action based on those checks in OnAcceptMessage, without re-executing the OnSMTPData checks. Glo...
by ras07
2016-11-23 22:10
Forum: Feature requests
Topic: OnSMTPError event handler
Replies: 1
Views: 1507

OnSMTPError event handler

I think would be very useful to call a handler when a 500-level SMTP response is sent ("530 SMTP authentication is required", "503 Must have sender and recipient first", etc). Both the error code and the response message would need to be passed to the handler (some codes, 503 for example, can get se...
by ras07
2016-11-23 21:07
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Re: Can you add headers in OnSMTPData?

Sorry to bump, but does anyone know if this ought to work? If it should, I'll open a defect ... I've done quite a bit of testing with it and it consistently does this.
by ras07
2016-11-21 23:43
Forum: General discussions
Topic: question: notification for infected mails
Replies: 18
Views: 2797

Re: question: notification for infected mails

jimimaseye's reply is probably best, but if you still want to go the forwarding route, just add a rule criteria that says Recipient List does not include <mirroraddress.domain.com>.
by ras07
2016-11-21 07:05
Forum: SpamAssassin implementation discussions
Topic: Anti Spam Settings
Replies: 68
Views: 100234

Re: Anti Spam Settings

I use all of these, and not all are traditional URIBL or SURBL lists multi.surbl.org dbl.spamhaus.org uribl.spameatingmonkey.net uribl.swinog.ch ubl.nszones.com I've tried uribl.swinog.ch in the past, but hardly ever got any hits with it. Is there something special you need to do with it? The instr...
by ras07
2016-11-19 18:11
Forum: General discussions
Topic: Global and Local rules both moving email
Replies: 5
Views: 1331

Re: Global and Local rules both moving email

That depends; do local rules get executed against new messages in the user's account, or new messages in the Inbox. Appears to be the latter.
by ras07
2016-11-19 08:03
Forum: Scripting
Topic: Can you add headers in OnSMTPData?
Replies: 15
Views: 4207

Can you add headers in OnSMTPData?

I know the message properties are only partially populated when OnSMTPData fires. Should one expect to be able to add or modify headers and then execute oMessage.Save ? This forum post https://www.hmailserver.com/forum/viewtopic.php?t=28131 would seem to indicate that you can. But when I try it, it ...
by ras07
2016-11-19 05:02
Forum: General discussions
Topic: Global and Local rules both moving email
Replies: 5
Views: 1331

Re: Global and Local rules both moving email

mattg wrote:I suspect that account level rules only work on mail intended for the inbox
Yeah, that appears to be the case. Bummer.
by ras07
2016-11-19 04:59
Forum: Scripting
Topic: Way to auto-ban unknow user
Replies: 10
Views: 6918

Re: Way to auto-ban unknow user

Alternately, if you cheat a little with some third-party tools you can pretty simply monitor the log file to do this. Make sure SMTP logging is on, then do something like this: Sub OnAcceptMessage (oClient, oMessage) Dim LogFileName, NowTime NowTime = Now LogFileName = "c:\HMailServer\Logs\hmailserv...
by ras07
2016-11-19 04:25
Forum: Scripting
Topic: Way to auto-ban unknow user
Replies: 10
Views: 6918

Re: Way to auto-ban unknow user

I think you actually could do it without resorting to monitoring the log files. Create a "catch-all" account (Advanced tab under Domain settings). In OnAcceptMessage save the sender's IP address to a header, like so: Sub OnAcceptMessage (oClient, oMessage) oMessage.HeaderValue("X-Sender-IP") = oClie...
by ras07
2016-11-19 03:36
Forum: General discussions
Topic: Global and Local rules both moving email
Replies: 5
Views: 1331

Global and Local rules both moving email

If a Global rule is triggered that causes an email to be moved to a particular IMAP folder (not to a different user or to a global folder) can a Local rule later be applied that moves it to a different IMAP folder? From experimenting (with Debug logging on), the answer appears to be no. (In fact, I'...
by ras07
2016-11-01 17:30
Forum: General discussions
Topic: Use Let's Encrypt Certificates with HM
Replies: 55
Views: 18948

Re: Use Let's Encrypt Certificates with HM

Does anyone know of a script to automate obtaining and renewing certs for hmailserver? I'm not the expert, but as I understand it, the process for obtaining and renewing Let's Encrypt certs requires an HTTPS server - so to my knowledge there's not a way to automate it with hMS alone. For the time b...
by ras07
2016-08-31 19:53
Forum: Scripting
Topic: General question: passing info from one On* sub to another
Replies: 0
Views: 1211

General question: passing info from one On* sub to another

In general, what's the best practice for maintaining context between fired events? For example, I have some processing in OnAcceptMessage that could be more effective in OnSMTPData, but later I'll want to access that info in OnAcceptMessage. I could write the context out to a file or database based ...
by ras07
2016-08-31 18:55
Forum: Feature requests
Topic: API to detect STARTTLS
Replies: 2
Views: 1644

Re: API to detect STARTTLS

I added a poll question and some extra bits Tell me if you would like the question changed Thanks! Really, I can't see the need for any more than knowing whether it was encrypted or not, but perhaps someone else will. Perhaps just generalize the question to something like "I would like access to in...
by ras07
2016-08-31 03:49
Forum: Scripting
Topic: What's the RIGHT way to call an external program?
Replies: 4
Views: 2152

Re: What's the RIGHT way to call an external program?

That's pretty dramatic overkill! Also doesn't help if I don't have access to the source of the program I'm calling.
by ras07
2016-08-31 00:19
Forum: Scripting
Topic: What's the RIGHT way to call an external program?
Replies: 4
Views: 2152

Re: What's the RIGHT way to call an external program?

(I think you'd need to instantiate another WScript.Shell object; I didn't try it, but I think calling Exec and Run on the same WScript.Shell instance will cause trouble.) But in any case, making a second Exec/Run call to wait for the first is pretty heavyweight ... setting up and tearing down the co...
by ras07
2016-08-30 23:45
Forum: General discussions
Topic: something@mydomain.com send me a SPAM.
Replies: 5
Views: 2186

Re: something@mydomain.com send me a SPAM.

or even better, require authentication from local to local e-mailadresses in your IP Ranges The IP range settings trigger on the SMTP envelope info, yes? So the envelope could say it's coming from anybody@anywhere.com, whereas the header info (which is what the users' email clients see) says it's f...
by ras07
2016-08-30 23:22
Forum: Scripting
Topic: What's the RIGHT way to call an external program?
Replies: 4
Views: 2152

What's the RIGHT way to call an external program?

TL;DR: how to you release a time slice when you need to wait for an external program to complete? As far as I can tell, VBScript has 2 ways to call an external program: WshShell.Exec and WshShell.Run. WshShell.Run will block (possibly forever) waiting for the called program to return. It also doesn...
by ras07
2016-08-30 20:50
Forum: Feature requests
Topic: API to detect STARTTLS
Replies: 2
Views: 1644

API to detect STARTTLS

It would nice to be able to know whether the in the incoming SMTP session was encrypted (for example, as a property in the Client object).

In my experience STARTTLS sessions are rarely spam; it would be cool to be able to utilize that knowledge in a spam strategy.
by ras07
2016-08-30 20:38
Forum: Scripting
Topic: Detect STARTTLS session in script?
Replies: 2
Views: 1103

Re: Detect STARTTLS session in script?

I went ahead and parsed the log file for now ... it's slow and a little error prone (not to mention inelegant) but probably fine for my low-volume server.

It could be a convenient feature to have in the future, though ... I'll add a feature request.
by ras07
2016-08-28 01:19
Forum: Scripting
Topic: Detect STARTTLS session in script?
Replies: 2
Views: 1103

Detect STARTTLS session in script?

I've noticed that incoming SMTP sessions that utilize STARTTLS are rarely spam. I'd like to incorporate that knowledge in my spam strategy, but I haven't found a way to detect that from a script. Is there a way to tell from a script whether the SMTP session was encrypted (and possibly what TLS versi...
by ras07
2016-08-12 09:36
Forum: General discussions
Topic: Use Let's Encrypt Certificates with HM
Replies: 55
Views: 18948

Re: Use Let's Encrypt Certificates with HM

No I was planning to use only one 'Let's Encrypt' SAN Certificate with alternative DNS names ... The way i was thinking the 'Let's Encrypt' SAN Certificate with alternative DNS names would return valid certificate to a client when automatically configuring their Outlook/Thunderbird accounts. Did yo...
by ras07
2015-03-31 20:30
Forum: General discussions
Topic: Minimalist backup routine
Replies: 18
Views: 2504

Re: Minimalist backup routine

Thanks - I agree there should be some error checking. I'll definitely add that. I've played pretty extensively with Robocopy and I just can't get it to perform. I don't know why but scanning the directory structure takes forever. Here's an output example: Total Copied Skipped Mismatch FAILED Extras ...
by ras07
2015-03-31 06:52
Forum: General discussions
Topic: Minimalist backup routine
Replies: 18
Views: 2504

Re: Minimalist backup routine

I'm restarting hMailServer before copying the data directory on purpose. I just don't want the server down that long. I'm trying to understand how dangerous that is. I tried a bunch of copy options including Robocopy, and basically nothing was faster than 7za - even when there was nothing to update ...
by ras07
2015-03-31 06:03
Forum: General discussions
Topic: Minimalist backup routine
Replies: 18
Views: 2504

Minimalist backup routine

Since upgrading to 5.6.2 I've been having sporadic trouble with the built-in backup system. It appears to fail when a .eml file gets moved/deleted between the backup of the account files and the data backup (which can be 10 or 15 minutes on my system with ~2 GB of data). I'm nearly certain this is n...
by ras07
2014-11-01 08:24
Forum: Feature requests
Topic: Look up domains from sender address against SURBL lists
Replies: 2
Views: 1651

Re: Look up domains from sender address against SURBL lists

percepts wrote:I think running spamassassin will do this for you.
Sure, but hMailServer's anti-spam capability is very nearly good enough that you don't need SA.
by ras07
2014-10-29 22:27
Forum: Feature requests
Topic: Look up domains from sender address against SURBL lists
Replies: 2
Views: 1651

Look up domains from sender address against SURBL lists

In anecdotal testing, it looks like scanning oMessage.From / oMessage.FromAddress for domains and looking those domains up on the SURBL lists would catch quite a bit of spam that doesn't have any links in the message body.
by ras07
2014-10-29 22:21
Forum: Feature requests
Topic: SURBL Servers Need Configurable "Expected result" messages
Replies: 6
Views: 3647

Re: SURBL Servers Need Configurable "Expected result" messag

SorenR wrote: Some of it I guess you can build with a script in hMailServer....
I had the same thought, and started building such a script last night ... performing the lookup is the easy part ... but it turns out that just finding the domain names to query in the message body is non-trivial.
by ras07
2014-10-29 07:56
Forum: Feature requests
Topic: Ability to specify DNS server for blacklists
Replies: 1
Views: 2250

Ability to specify DNS server for blacklists

Some blacklists won't work with some DNS servers - for example, uribl.com blocks major DNS providers, so if you use Google or OpenDNS you can't use uribl.com. They want to you make the request directly to one of their mirrors. As a demonstration: C:\>nslookup 2.0.0.127.black.uribl.com Server: google...