Search found 966 matches

by katip
2021-10-20 19:12
Forum: General discussions
Topic: How to Forward all outbound email
Replies: 8
Views: 107

Re: How to Forward all outbound email

pajero wrote:
2021-10-20 13:32
palinka wrote:
2021-10-20 12:56
Create a rule:

If message size greater than 0, then forward email.
I did it but it works for incoming emails.
if you want to forward outgoing mails from that user, you should make a global rule:

Code: Select all

if from contains aaa@local.com
and
X-hMailServer-LoopCount < 1
forward to bbb@external.com
by katip
2021-10-17 14:03
Forum: General discussions
Topic: "Call Back" sender validation ...
Replies: 12
Views: 210

Re: "Call Back" sender validation ...

https://en.wikipedia.org/wiki/Callback_verification If a server receives a lot of spam it may do a lot of callbacks. If those addresses are invalid or spamtrap, the server will look very similar to a spammer who is doing a dictionary attack to harvest addresses. This in turn might get the server bl...
by katip
2021-10-15 12:58
Forum: General discussions
Topic: Aliases
Replies: 13
Views: 187

Re: Aliases

In other words with the Distribution Lists I have used most (not within hMailServer), each member of the Distribution List would see an email addressed to their actual Member Email ID. An Outlook Contact Group is an example of such a Distribution List I am referring to. Outlook being an Email Clien...
by katip
2021-10-15 11:34
Forum: General discussions
Topic: Aliases
Replies: 13
Views: 187

Re: Aliases

I realize what KTS stated. I just was pointing out what the results of the Distribution List would be since this had been offered as a solution so KTS would know what would be seen by the recipients. I did this because normally the Distribution Lists I've worded with in email such as with Outlook, ...
by katip
2021-10-15 09:55
Forum: General discussions
Topic: Aliases
Replies: 13
Views: 187

Re: Aliases

What I was pointing out was that the Email IDs in the Distribution list did not show as the Email Id that was being sent to. All the emails that were directed to the Distribution List members all showed the TO Email Id as the Distribution List Name instead of the Member Email IDs. yes, ok. but OP w...
by katip
2021-10-15 08:18
Forum: General discussions
Topic: Aliases
Replies: 13
Views: 187

Re: Aliases

create alias : alias@local.com -> aliasdistro@local.com

create distrolist : aliasdistro@local.com
add aaa@local.com, bbb@external.com, etc...

send a mail To: alias@local.com

aaa@local.com, bbb@external.com, etc... will receive it showing:
From: you@local com
To: alias@local.com
by katip
2021-10-13 15:10
Forum: General discussions
Topic: How to block .co domains
Replies: 11
Views: 181

Re: How to block .co domains

i keep my top spammer HELO/EHLO's in a text file. onHelo looks up there. it makes about more than half of total spam. my current all-star team (regex starts with ^ and ends with $ of course) : (hotmail\.com|msn\.com|amazon\.com|gmail\.com) #spammer .+?\.(art|bar|buzz|cam|casa|center|cloud|club|date|...
by katip
2021-10-13 11:57
Forum: General discussions
Topic: How to block .co domains
Replies: 11
Views: 181

Re: How to block .co domains

my recent collection :

Code: Select all

(art|bar|buzz|cam|casa|center|cloud|club|date|email|fun|group|guru|home|li[vf]e|link|one|online|press|pro|rest|shop|site|stream|tech|today|top|trade|website|work|world|xyz)
by katip
2021-10-04 18:58
Forum: Off-topic discussions
Topic: unwanted connections Brutforce/Spam - what todo ?
Replies: 6
Views: 179

Re: unwanted connections Brutforce/Spam - what todo ?

yesterday i encountered this too: "SMTPD" 4240 7650 "2021-10-03 10:35:54.157" "117.68.195.221" "RECEIVED: EHLO swkqy" "SMTPD" 4240 7658 "2021-10-03 10:36:13.939" "117.68.195.221" "RECEIVED: EHLO sjpea" "SMTPD" 1732 7660 "2021-10-03 10:36:15.689" "117.68.195.221" "RECEIVED: EHLO myfa" "SMTPD" 4704 76...
by katip
2021-10-04 15:38
Forum: Off-topic discussions
Topic: unwanted connections Brutforce/Spam - what todo ?
Replies: 6
Views: 179

Re: unwanted connections Brutforce/Spam - what todo ?

yes, majority from RU, US and VN. we get hundreds every day.
i don't know which version is your HMS, if 5.6.8 Rvdh build or 5.7, simple regex [A-Za-z0-9]{6,12} triggering Result.Value = 1 with onHelo is good enough for me. we don't have such client host name, there can't be any FP. YMMV.
by katip
2021-10-02 14:52
Forum: General discussions
Topic: Public Mail Extension
Replies: 1
Views: 119

Re: Public Mail Extension

by katip
2021-09-30 20:47
Forum: General discussions
Topic: How Do I Block All Mail Containing a Specific String
Replies: 22
Views: 7517

Re: How Do I Block All Mail Containing a Specific String

SorenR wrote:
2021-09-30 18:02
99 of 100 times I install software in a directory with NO spaces
+1
to avoid the issue Microsoft continues to have with spaces in directory/file names since Windows 2.11 (yes, I'm that old).
me too :D but IIRC it was introduced with '95
never used 2.11, my Windows adventure starts with 3.0 :P
by katip
2021-09-27 18:47
Forum: General discussions
Topic: Could you please explain what is going on in this log?
Replies: 17
Views: 4641

Re: Could you please explain what is going on in this log?

palinka wrote:
2021-09-27 15:23
katip wrote:
2021-09-27 14:06
AFAIK Autoban works for all protocols.
It can be scripted to work that way.
no, built in, was ever so.
try and see.
by katip
2021-09-27 14:06
Forum: General discussions
Topic: Could you please explain what is going on in this log?
Replies: 17
Views: 4641

Re: Could you please explain what is going on in this log?

AFAIK Autoban works for all protocols.
by katip
2021-09-17 13:07
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

never mind.
i changed the one in vbs to HMS internal one.
thanks.
by katip
2021-09-16 15:44
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

:oops: Tried escaping, except the double quotes Seems to work now "Mert (Izmir) mgelen"@somedomain.com failed with that (RFC conform??) monster regex in EventHandlers.vbs. BUT HMS accepted it. and recipient too... (...) "SMTPD" 4092 39905 "2021-09-16 15:34:40.837" "192.168.0.67" "RECEIVED: RCPT TO:...
by katip
2021-09-15 12:48
Forum: Off-topic discussions
Topic: Require SSL/TLS for authentication
Replies: 9
Views: 2575

Re: Require SSL/TLS for authentication

SMTP 25 (AUTH disabled) POP 110 (STARTTLS optional) IMAP 143 <<=========== STARTLS optional SMTP 465 (SSL/TLS) SMTP 587 (STARTTLS optional) IMAP 993 (SSL/TLS) POP 995 (SSL/TLS) Should i just turn the switch? Or do you notify clients without SSL/TLS? How do you monitor clients without SSL/TLS? we ha...
by katip
2021-09-15 08:00
Forum: General discussions
Topic: Localhost 127.0.0.1 banned itself
Replies: 20
Views: 1722

Re: Localhost 127.0.0.1 banned itself

SorenR wrote:
2021-09-14 21:28
As long as the "name" is different you can have 1,000,000 identical ranges. That is one of the first things you observe from installing a webmail with a high priority ;-)
good :D
useless i mean, except the one on top.
by katip
2021-09-14 20:32
Forum: General discussions
Topic: Localhost 127.0.0.1 banned itself
Replies: 20
Views: 1722

Re: Localhost 127.0.0.1 banned itself

IP range overrules autoban here, so if the ip range priority for 127.0.0.1 is higher then the autoban priority a login attempt from that ip is not banned sorry that i come back to my question but it's still not clear to me. in fact, IP ranges and ban ranges are same things, they're kept in same tab...
by katip
2021-09-14 13:28
Forum: General discussions
Topic: Localhost 127.0.0.1 banned itself
Replies: 20
Views: 1722

Re: Localhost 127.0.0.1 banned itself

PMFJI, interesting case. same IP range, one with 100 other with 125 priority. ok, HMS reads from higher to lower etc. but what if both were same priority? block or pass? IMO same range multiple times shouldn't be accepted whatever their priority are. what can it be good for? //EDIT: ok, understood "...
by katip
2021-09-11 13:21
Forum: Development & alpha discussions
Topic: DistributionList modes
Replies: 10
Views: 2171

Re: DistributionList modes

Automatically purging is a complicated task i think, especially when users don't use their account names in distribution list but for example use a alias instead (we have a few client with domain permissions, it is really unbelievable the mess they make) yes i see... luckily i'm the only domain/ser...
by katip
2021-09-11 06:12
Forum: Development & alpha discussions
Topic: DistributionList modes
Replies: 10
Views: 2171

Re: DistributionList modes

not directly related with the topic, but while you set a hand on it... deletion of an account should remove it also from all distro lists where it was a member. we use many local distro lists and most users are members of multiple lists. albeit i do this by script (send a mail with subject "purge us...
by katip
2021-09-10 21:16
Forum: Development & alpha discussions
Topic: DistributionList modes
Replies: 10
Views: 2171

Re: DistributionList modes

with the option "Require SMTP Auth" checked, i think #4 is already covered, no?
#3 might be useful. kinda restricted #4. i'd use it.
by katip
2021-09-10 18:58
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

RvdH wrote:
2021-09-10 11:55
only <", user"@external.com.tr"> isn't a email address, is it? :lol:
That is FROM header
no. very likely it was a mail with some malformed multi To or CC. our user just did a "Reply All".
by katip
2021-09-10 11:44
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

There simply is NO Regular Expression Expression that 100% covers everything, period! +1. this is clear and common consensus. since i found it (RFC official??) i'm using in my scripts that monster: oRegEx.Pattern = "^(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|" & Chr(34) & "...
by katip
2021-09-08 11:48
Forum: General discussions
Topic: Problem connecting samsung email
Replies: 8
Views: 1445

Re: Problem connecting samsung email

IIRC there is an option in SSL droplist such as "accept all certs"
have you tried this?
by katip
2021-08-29 14:18
Forum: General discussions
Topic: Another good GeoIP resource
Replies: 4
Views: 749

Re: Another good GeoIP resource

https://hmailserver.com/forum/viewtopic.php?p=228989#p228989 I used it... Not the most accurate. even if you strip "None" (useless) lines you still get 383+K intervals. not bad i think. but ~100% accuracy is not possible anyway, no? did you encountered any discrepancies in European area? it's not a...
by katip
2021-08-29 08:50
Forum: General discussions
Topic: Another good GeoIP resource
Replies: 4
Views: 749

Another good GeoIP resource

i came across to this: https://iptoasn.com the guy claims to provide hourly updates. if you maintain your own table and do your IP geo lookups locally (like me), this may be interesting. integer intervals also available. this saves conversion job. with about 450K intervals it looks quite comprehensi...
by katip
2021-08-27 16:07
Forum: Scripting
Topic: event handler script for catching failed logins not working
Replies: 7
Views: 819

Re: event handler script for catching failed logins not working

this event does not exist in your version. upgrade to 5.6.8, available as Beta download but is good as stable. And even in 5.6.8 that event does not exist :mrgreen: You need my modified build, or use 5.7 ALPHA hmm, i thought your builds are lately concurrent with original project builds. good to kn...
by katip
2021-08-27 14:22
Forum: Scripting
Topic: event handler script for catching failed logins not working
Replies: 7
Views: 819

Re: event handler script for catching failed logins not working

I am running hmailserver version 5.6.7-B2425 Sub OnClientLogon(oClient) If Not oClient.Authenticated then eventlog.write(now() & " LOGIN FAILURE " & oClient.Username & " from " & oClient.IpAddress & " on port: " & oClient.Port) End if End Sub this event does not exist in your version. upgrade to 5....
by katip
2021-08-27 09:59
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt Not sure how this list was gathered, but it could be of some use. At one point i incorporated it into my php 2FA to block common passwords. Surely these passwords are on the ...
by katip
2021-08-27 09:36
Forum: General discussions
Topic: Moving to a new server
Replies: 4
Views: 743

Re: Moving to a new server

1. Official howto. You can rely on this. SSD: my general experience is that anything on SSD is much faster than on HDD. it's up to your budget of course. SSD is still nothing cheap. 2. 64 bit build: is not even Beta yet, but some people (incl. me) use it on production servers. it's been reported som...
by katip
2021-08-26 19:44
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

FYI, i ignore everything in there for logging passwords :mrgreen: meanwhile (4th day), i haven't seen any exciting performance from bots. user1234, user2021, user2020, (same with domain1234, domain2021...), qwerty, 123456, 1q2w3e4r... alike stereotyped rubbish, nothing else. now i think, it's not s...
by katip
2021-08-24 16:48
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

It's not up to me ... Ruud will have to "translate" my mods to 5.7. Hope you did mean Martin? I'm have not planned an alternative build for 5.7 (other for myself, testing some stuff) I have not forked 5.7 so I can't do a PR for it ;-) And I know you are just waiting to get your magic hands on it :m...
by katip
2021-08-24 15:37
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

turn-key solution. adjust just 1 path and you go. grab it while you can :lol: i think, after intense "neighborhood pressure" Martin will revoke this event. so what do you suggest as a "tame" alternative (probably within onClientLogon) to this concept (bad passwords collection)? or should bad passwo...
by katip
2021-08-24 14:12
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

turn-key solution. adjust just 1 path and you go. grab it while you can :lol: i think, after intense "neighborhood pressure" Martin will revoke this event. so what do you suggest as a "tame" alternative (probably within onClientLogon) to this concept (bad passwords collection)? or should bad passwor...
by katip
2021-08-24 06:09
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

doNothing ? :) If oAccount.ValidatePassword(sPassword) Then Exit Sub Else EventLog.Write("FAILED login by passw error!!!!: " & oAccount.Address & " with PW " & sPassword) 'gets looped End If But this still repeats the OnClientValidatePassword(oAccount, sPassword) event being called massively (loopi...
by katip
2021-08-23 21:14
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

All logins are logged in OnClientValidatePassword and not only the failed ones and there is no way to differentiate between the 2 types, that is bad, very bad (in my opinion)! hence i added this: If oAccount.ValidatePassword(sPassword) Then doNothing = True Else EventLog.Write("FAILED login by pass...
by katip
2021-08-23 19:49
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

All logins are logged in OnClientValidatePassword and not only the failed ones and there is no way to differentiate between the 2 types, that is bad, very bad (in my opinion)! hence i added this: If oAccount.ValidatePassword(sPassword) Then doNothing = True Else EventLog.Write("FAILED login by pass...
by katip
2021-08-23 15:48
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

this causes a loop as explained above but that's ok, my workaround copes with this. not an elegant solution though, loop keeps running internally until it exits - no idea how. But is it a loop? you are testing with IMAP by any chance? IMAP triggers this event repeatingly yes i remember it from onHe...
by katip
2021-08-23 15:30
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

so or so, as seen, "OnClientValidatePassword" can be used to capture submitted passwords in plain text. if you consider this as a security leak, it can be fixed or revoked at all - something to discuss with Martin. otherwise onClientLogon is a better place for such purpose i think. anyway, i'm fine...
by katip
2021-08-23 15:09
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

mattg wrote:
2021-08-23 14:28
Failed passwords are still logged - guaranteed

That's the ONLY reason that I turn password logging on
How do you know if the password was good or bad?
by katip
2021-08-23 14:10
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

so or so, as seen, "OnClientValidatePassword" can be used to capture submitted passwords in plain text. if you consider this as a security leak, it can be fixed or revoked at all - something to discuss with Martin. otherwise onClientLogon is a better place for such purpose i think. anyway, i'm fine ...
by katip
2021-08-23 12:35
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

jimimaseye wrote:
2021-08-23 12:21
RvdH wrote:
2021-08-23 10:12

I'm not the biggest fan of exposing unencrypted password(s) through scripts/events, eg: there is a valid reason why all password are replaced with *** in logging
+1
in fact me too. i dare to ask as Martin committed such thing.
by katip
2021-08-23 05:41
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

SorenR wrote:
2021-08-22 22:43
I don't have "OnValidate..." implemented in my 5.6.8 but I have modified "OnClientLogon" to give me unencrypted password 8)
any chance for public benefit?? (Ruud?)
concept is useful i think. it's good to monitor what the bots invent all the day.
by katip
2021-08-23 05:29
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

Re: How to capture failed passwords

I do this, without looping (The loop is in your script) Sub OnClientValidatePassword(oAccount, sPassword) EventLog.Write("New login attempt!!!!: " & oAccount.Address & " with PW ")' & sPassword) End Sub remove the apostrophe after the " with PW ") to see passwords in the log yes, no loop if you jus...
by katip
2021-08-22 19:12
Forum: Development & alpha discussions
Topic: How to capture failed passwords
Replies: 57
Views: 3507

How to capture failed passwords

i'm trying to collect user + password pairs from failed logins due to password error. as far as i understand, there is no (yet official) way to capture sent passwords during auth. OnClientValidatePassword(oAccount, sPassword) here https://github.com/hmailserver/hmailserver/pull/338 provides both acc...
by katip
2021-08-18 08:42
Forum: General discussions
Topic: Rule applying
Replies: 6
Views: 931

Re: Rule applying

alescan wrote:
2021-08-17 17:06
I set up a local rule to an account, if from "my personal address" move to imap folder "inbox.folder".
is IF "equal" or "contains"?
try "contains".
by katip
2021-08-13 05:53
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

The conclusion is that no validation of addresses is done at all, and only validation of the FORMAT is performed. I helped Martin with the regex (as I raised a discrepancy as the original weren't allowing some valid characters). Martin opted for a version which loosely did the necessary job (suffic...
by katip
2021-08-07 18:48
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

Allthough I suspect I'm much older than you, the statistics says otherwise. I live in Denmark and the hot topic right now is our former Prime Minister hosting a documentary on national TV about The Klaksvík battle on the Faeroe Islands (his wife is Faroese) and at the same time collecting votes to ...
by katip
2021-08-07 16:02
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

got it! valuable stuff here: https://emailregex.com/email-validation-summary/ If the quoted local part has a backslash, the following character is escaped and must not be 10 (LF), 13 (CR). This supersedes the previous rule, allowing spaces and quotation marks in the email address as long as they are...
by katip
2021-08-07 15:31
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

Found this... https://emailregex.com/ General Email Regex (RFC 5322 Official Standard) (?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-...
by katip
2021-08-07 15:25
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

String is escaped... \" = " and \\ = \ due to how C++ handles strings. Syntax is Perl IIRC. yes before testing i replaced any \\ with \ anyway: Local user <-> HMS "SMTPD" 2888 9723 "2021-08-07 09:35:21.652" "192.168.0.4" "RECEIVED: RCPT TO:<"e-somecompany.cz=29'?= name.surname"@e-somecompany.cz>" "...
by katip
2021-08-07 14:45
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

https://github.com/hmailserver/hmailserver/commit/35e3634537bf915e458c24de81df8c40dbeab8d6#diff-89c358d65bcfbcdcc6c3b779eb772e075048529fd69b7196f7966702250be4f6 Code to validate email (5.6.8 & 5.7) ok, correct me pls if i'm wrong. this is the regex (line 64): ^((\"[^<>@\\]+\")|([^<> @\\\"]+))@(\[([...
by katip
2021-08-07 13:15
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

I once helped martin solve the regex for address format validation. It is in github under an issue somewhere if you care to search for it (i can't - I'm on my holi-bobs). There is no validation of external addresses other than an email format validation. sorry for the topic title. actually it shoul...
by katip
2021-08-07 11:33
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

Bug in Thunderbird? Looks like a From header syntax. no, From is fine. just one of the external recipients was malformed. it was in CC when original message arrived. colleague only did a "reply all", as a result it was taken by TB again to CC. i.e. Original incoming mail: From: some@external.com To...
by katip
2021-08-07 11:22
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Re: Address validation

mattg wrote:
2021-08-07 10:40
I remember Martin once answering this question

I think it was in the context of AUTH for a domain without a TLD, ie user@example
But I can't find that post
i think it doesn't validate external addresses at all. just puts the message in queue even if recipient address is malformed.
by katip
2021-08-07 10:14
Forum: General discussions
Topic: Address validation
Replies: 37
Views: 4468

Address validation

any idea how HMS validates email addresses? for various purposes i use in my scripts: oRegEx.Pattern = "^[^\W][\w\.=-]+\@[^\W][\w\.-]+\.[\w]{2,8}$" which works fine, but in theory, of course it's not so simple. back to topic.. one colleague (client Thunderbird) "replied all" to an email where one of...
by katip
2021-07-30 15:01
Forum: General discussions
Topic: K9 android mail app - Authentication Failed
Replies: 19
Views: 2055

Re: K9 android mail app - Authentication Failed

The only android email app that works with every MTA every time is Nine Folders. They get it right. Also works great with hmailserver + horde ActiveSync. ProfiMail Go https://play.google.com/store/apps/details?id=com.lonelycatgames.PM stopped development and went freeware (no ads, no nags, no proxy...