Search found 46 matches

by mats
2023-12-02 10:19
Forum: Development & alpha discussions
Topic: Help with HMailer and Lets Encrypt SSL!
Replies: 9
Views: 2433

Re: Help with HMailer and Lets Encrypt SSL!

I use cerify the web for this.

That client can export the cert in different formats. Cert + keyfiles is one so I let it do that and point Hmailserver to those files.
It can also run actions after renewing the cert. In my case I restart Hmailserver
by mats
2023-10-26 15:11
Forum: Development & alpha discussions
Topic: hMailServer X
Replies: 111
Views: 113803

Re: hMailServer X

Then you looked not hard enough :) Or one of us needs to polish our glasses ;) I asked for without having external Com or Exe calls just because Netsh is an external exe - a slowly dying one. (if I have to call an exe it will be pwsh) If you run netsh followed by advfirewall you get In future versi...
by mats
2023-10-26 11:41
Forum: Development & alpha discussions
Topic: hMailServer X
Replies: 111
Views: 113803

Re: hMailServer X

The Challenge for internal scripting is it has to be Internal :) Would it be possible for hmailserver to initiate the command of your choice for each internal trigger (OnClientConnect, etc)? In theory yes. I think it's possible for a LUA Script to call another script or *.exe For hmsx we need a Int...
by mats
2023-10-25 21:16
Forum: Off-topic discussions
Topic: Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Replies: 20
Views: 4820

Re: Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

palinka wrote:
2023-10-25 20:05
Is there a patch yet?
Yes since about 10 days ago
by mats
2023-10-25 20:32
Forum: Development & alpha discussions
Topic: VBScript deprecation investigation results
Replies: 16
Views: 2706

Re: VBScript deprecation investigation results

and just for fun $oApp = new-object -comobject "hMailServer.Application" $oApp.Authenticate("Administrator", "SUPERSECRET") for ($i=0;$i -lt $oApp.Settings.SSLCertificates.Count;$i++){ write-host ("Certificate ID " + $oApp.Settings.SSLCertificates.Item($i).ID) write-host ("Certificate Name " + $oApp...
by mats
2023-10-25 20:04
Forum: Development & alpha discussions
Topic: hMailServer X
Replies: 111
Views: 113803

Re: hMailServer X

I still think lua is a mistake. Will Microsoft provide functionality for Lua or Powershell only? With Windows as the main plattform - The main scripting language on that plattform (and therefore the one what most people know) is Powershell Therefore I'm afraid it's another dead end. I don't code pur...
by mats
2023-10-25 19:35
Forum: Development & alpha discussions
Topic: VBScript deprecation investigation results
Replies: 16
Views: 2706

Re: VBScript deprecation investigation results

Powershell does com to new-object -comobject "objectname"
Supported in current classic (5.1) and core based (7.3)
by mats
2023-10-24 23:24
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

Made a simple reporting script that reports the IP:s that has been banned in Hmailserver It checks the autobans in Hmailserver (priority 100) and reports them to abuseipdb (thanks for the rest call Palinka). Finally it sets the priority to 99 (to avoid dubble reporting). It will not report a repeat ...
by mats
2023-10-20 17:47
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

Someone asked for a V2 script function Public Function CheckAbuseIPDBConfidence(IPAddress) CheckAbuseIPDBConfidence = "0" Set objXMLHTTP = CreateObject("msxml2.xmlhttp.6.0") objXMLHTTP.Open "GET", "https://api.abuseipdb.com/api/v2/check?ipAddress="&ipAddress&"&maxAgeInDays=90&verbose", False objXMLH...
by mats
2023-02-02 22:26
Forum: Off-topic discussions
Topic: Three lines of powershell
Replies: 0
Views: 5085

Three lines of powershell

Is all it takes to make RDP use a (letsencrypt) certificate from the local certstore $TSGeneralSetting = Get-WmiObject "Win32_TSGeneralSetting" -ComputerName "." -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'" $TSGeneralSetting.SSLCertificateSHA1Hash = (Get-ChildItem -Path Ce...
by mats
2023-01-29 11:32
Forum: Scripting
Topic: MySQL Setting a variable
Replies: 6
Views: 3543

Re: MySQL Setting a variable

I think you need a stored procedure to get it down to one operation against the database
by mats
2023-01-29 11:28
Forum: Feature requests
Topic: EHLO and Goodbye
Replies: 10
Views: 5578

Re: EHLO and Goodbye

I think one of the Major problems with hMail's Autoban is, its on hMailServer level. The Attacker tries a dozens of times and get metrics and recon info by trying to mess around with hMail while at the same time keeping hMail busy servicing malicious connections. If the ip of the attacker is alread...
by mats
2023-01-22 23:29
Forum: Feature requests
Topic: Automate SSL certificate installation and renewal with Letsencrypt
Replies: 46
Views: 12870

Re: Automate SSL certificate installation and renewal with Letsencrypt

I agree with SorenR. There are more important things to be fixed. Back in 2017 it was a little tricky to handle certs - Today it's easy You can for example use the certify the web client/agent. It will manage a letsencrypt cert and it can be made to output it in pem format (that Hmailserver can use)...
by mats
2023-01-17 20:11
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

I find it strange myself.

At the worst point I had 3230 FW rules in my MailBlacklist group
Today it's down to 1654

By the way. How to count the rules

Code: Select all

(Get-NetFirewallRule -DisplayGroup MailBlacklist).count
by mats
2023-01-16 22:40
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

It's been running for about 10 days now.
Seems stable and effective. I have about 33% less fw rules today, IE the number of attacks has gone down
by mats
2023-01-09 00:02
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

For me FW rules are faster. I also use disconnect to get rid of simultaneous connections I'm used to netsh which actually does take a second or more. I've never used your method before today. I don't need to test it. I'll take your word for it. :D I'm just curious if it's repeatable or if it's my d...
by mats
2023-01-08 16:44
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

I just implemented this code. Thanks. One thing I do to take it just a step further is utilize RvdH's disconnect.exe and autoban for 1 hour - could be 5 minutes - just something there to prevent new connections while the firewall rule is being created. Can you please test what is fastest for you. C...
by mats
2023-01-07 17:53
Forum: User contributed hMailServer 5 scripts
Topic: Check incoming connections with AbuseIPDB
Replies: 117
Views: 142696

Re: Check incoming connections with AbuseIPDB

I played a little with this over the holidays (running 5.7). First test. Just add bans to HMailServer. - Two drawbacks. IP ranges created after the admin GUI will appear under IP ranges but cannot be opened until you restart the admin GUI - At about 1500 rules MySQL consumed an entire CPU core and H...
by mats
2023-01-06 11:32
Forum: General discussions
Topic: Resting Encryption
Replies: 11
Views: 890

Re: Resting Encryption

This is a kind of question I get often and it boils down to either ju trust your server/network admin or you don't. If you don't then you must have a pc managed by yourself and all data must be end to end encrypted because any encryption/permission/whatever that is on the server is controlled by the...
by mats
2023-01-02 02:02
Forum: Feature requests
Topic: EHLO Hackers
Replies: 15
Views: 6377

Re: EHLO Hackers

Do you need to allow logon on port 25?

if not

Code: Select all

[Settings]
DisableAUTHList=25
in the ini file
by mats
2019-11-23 21:42
Forum: Feature requests
Topic: HCD: VBScript Support for hMailServer Crossplatform
Replies: 8
Views: 12633

Re: HCD: VBScript Support for hMailServer Crossplatform

late to the show but I say powershell.

- It's multiplatform and open source
- since it can interface .net it will give a lot of flexibility and capability
- it will do com calls too
by mats
2019-11-23 21:27
Forum: Development & alpha discussions
Topic: hMailServer 5.7
Replies: 171
Views: 408219

Re: hMailServer 5.7

upgraded one testserver and got one interesting effect. After the upgrade it required smtp authentication on external to internal mail delivery. That's despite the config said it should be allowed. After some troubleshooting i found that i had to disable and re-enable my maildomains to get the serve...
by mats
2019-01-12 16:25
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Const sAdminPassword = "<ADMINISTRATORPASSWORD>" The included backup script in Hmailserver. Just add a msgbox sAdminPassword and you are done,. That is the current security level. That is exactly why i said with password stored in a CONST you could, but then again simply do not do that! So why don'...
by mats
2019-01-05 18:04
Forum: Development & alpha discussions
Topic: New hMailServer x 64 MSI Installer
Replies: 26
Views: 23504

Re: New hMailServer x 64 MSI Installer

I know it's more work but I would like to suggest an alternative to sockets. belive an rest based admin webservice would be even better. Just about any language can talk to a webservice. It's also a protocol that can be proxied and further secured with extra auth layers if you want too. Just my 2c A...
by mats
2019-01-05 17:59
Forum: Feature requests
Topic: LUA-Scripting integration
Replies: 3
Views: 10146

Re: LUA-Scripting integration

For some strange reason I do prefer powershell.
The core edition is open source under MIT licensing
by mats
2019-01-05 17:44
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Why not use vbsedit to convert vbs to an exe file ... Now that is an interesting thought From HELP file... Convert Into Executable VbsEdit lets you convert your scripts into standalone applications. Unlike the older versions of VbsEdit, the script will now be executed directly within the executable...
by mats
2019-01-05 17:42
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

With the password in script all the attacker needs is notepad or cmd ....... Don't they also need access to your file system? Yes, but a compromised serviceaccount will have that. If running as system you own the file system. If you are running as user it's a little better but still, the serviceacc...
by mats
2019-01-05 13:51
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

it's simple to do a msgbox of the password when it is stored in cleartext in the script, I don't believe we have to discuss that further Please show me how, i could not do it....and i doubt you can do it either, Sure, if you stored the password in a CONST you could, but then again simply do not do ...
by mats
2019-01-04 23:06
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

There are currently three public functions GenerateSalt (string) It will accept an empty string EQ use no salt The string User will make it use a Salt based on the user sid The string Static will make it use a static salt encoded in the DLL Any other string will be used as the salt encode(password, ...
by mats
2019-01-04 22:22
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Simply to prevent someone from doing msgbox "here is the secret password" and that's the part where I'm going to bluntly steal some code ;) And how exactly does your solution prevent the msgbox "here is the secret password" example you referred to yourself earlier? (Not saying MsgBox "here is the s...
by mats
2018-12-30 22:23
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Making more progress. Been playing around with com objects and passing and returning an object as a parameter to a com object. The nice thing is that we can call objects byref IE we can modify the object externally and continue to use it after that. That makes it possible to do an external auth func...
by mats
2018-12-29 17:19
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Did a little democode in VB.net to test the API. Found out that I don't even have to call the API. There is a Dotnet class for it - Protecteddata. That made it really simple, just three lines of code to encrypt the data and store it to file Sub encode(indata As String) Dim clearTextbytes() As Byte =...
by mats
2018-12-28 21:18
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

It was indeed. After thinking things through a few times I probably will have to do more in compiled code than I really would like to. Simply to prevent someone from doing msgbox "here is the secret password" and that's the part where I'm going to bluntly steal some code ;) The other part about stor...
by mats
2018-12-27 12:31
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

You mean like this: https://www.hmailserver.com/forum/viewtopic.php?f=20&t=31874 I started using this as a banning solution and ended up adapting it to use it as an auth function for multiple things interop based. The source is there, so you can adapt it to whatever you need. One way of solving the...
by mats
2018-12-26 20:29
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

The trick is to find a reasonably safe and user friendly solution :) I have now changed the service account for Hmailserver from System to a dedicated account (network service would work too). It has read on the Hmailserver folder structure and modify on the data substructure as described in https:/...
by mats
2018-12-26 18:37
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Done since long.
Next step moving Hmailserver away from running as system
by mats
2018-12-26 14:46
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

One way of solving the password problem is to store the PW in an external file. That file should then be encrypted with EFS (you must be logged on as the account that is running the Hmailserver service to do this). Cons: An external file reference. You need a windows version with EFS Pro:s Crypto ke...
by mats
2018-12-25 16:19
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

My server is rather low loaded so it should be rather safe i hope :) However I found a "feature" aka BUG the current code seems to be comparing the percentage values as strings meaning that 20 is smaller than 5. quick fix PercentageReject = cint("5") PercentageWarn = cint("2") PercentageInform = cin...
by mats
2018-12-23 18:17
Forum: User-submitted tutorials
Topic: Harddrive, Folder and Database encryption for hMailServer
Replies: 9
Views: 11743

Re: Harddrive, Folder and Database encryption for hMailServer

Just to clarify. Win 8 and above will store a bitlocker key in onedrive if you log on with an MS account during installation. If you choose a local account it won't (it won't default arm bitlocker either). IF the box is joined to an AD domain it's controllable by GPO If you just would like to encryp...
by mats
2018-12-22 22:32
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

updated. Missed one parameter Sub OnClientConnect(oClient) 'Variables ClientIp = oClient.IpAddress 'Connecting remote IP address WhiteList = "127.0.0.1,172.16.1.1-172.16.255.255,1.2.3.4" 'Variable array for whitelisted IP addresses to exclude, localhost, maybe your servers IP address, your WebClient...
by mats
2018-12-22 21:02
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

My variant, added support for whitelisting IP ranges Sub OnClientConnect(oClient) 'Variables ClientIp = oClient.IpAddress 'Connecting remote IP address WhiteList = "127.0.0.1,172.16.1.1-172.16.255.255,1.2.3.4" 'Variable array for whitelisted IP addresses to exclude, localhost, maybe your servers IP ...
by mats
2018-12-22 17:00
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Thanks.
I have activated that and made my own variant of the AbuseIPDB script to blacklist all that i can.
by mats
2018-12-20 21:48
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

Seems to be 25 only.

I have 5.6.6 installed.
Does DisableAUTHList work with that?
Found an older thread that indicated that a special build was required
by mats
2018-12-19 20:53
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Re: Can i do an autban script based on this?

I see two repeating patterns on my mailserver of spammers trying to use on of my domains. They try to send a Mail and when they get a PW request they quit the connection. "SMTPD" 2316 1668 "2018-12-18 18:34:56.751" "190.236.239.220" "SENT: 530 SMTP authentication is required." "DEBUG" 2316 "2018-12...
by mats
2018-12-18 20:39
Forum: Scripting
Topic: Can i do an autban script based on this?
Replies: 43
Views: 28395

Can i do an autban script based on this?

I see two repeating patterns on my mailserver of spammers trying to use on of my domains. They try to send a Mail and when they get a PW request they quit the connection. "SMTPD" 2316 1668 "2018-12-18 18:34:56.751" "190.236.239.220" "SENT: 530 SMTP authentication is required." "DEBUG" 2316 "2018-12-...
by mats
2018-05-06 22:46
Forum: User-submitted tutorials
Topic: Step by step LetsEncrypt WinSimple
Replies: 66
Views: 149059

Re: Step by step LetsEncrypt WinSimple

This is my way of having letsencrypt.exe handle cert updates and restarting hmailserver when needed. letsencrypt calls a smple script i created (importhmailserver.cmd) with {0} {2} as parameters (ie the domain name and the pfx path) powershell.exe c:\letsencrypt\scripts\importhmailserver.ps1 %1 %2 %...