Sub OnHELO(oClient) progress?

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-18 11:00

Latest is 5.6.9-B2602.49
Simply install the latest production and/or beta artifact from the URL below, then copy and overwrite files in this archive in hmailserver '/bin' directory
https://build.hmailserver.com/viewLog.h ... =artifacts (login as guest)
  1. Added: OnHELO(oClient) event, issue #153
  2. Fix: Incorrect DEBUG logging for event 'OnDeliverMessage', issue #181
  3. Added: Include HTMLBody into IMAP TEXT search, pull #193
  4. Fix: implicit conversion: "int" to "unsigned char" pull #204
  5. Fix: Faulty SMTP 'Disconnect client after too many invalid commands' pull issue #160
  6. Fix: SMTP server error "550 Unsupported ESMTP extension" on MAIL FROM:... AUTH=<> [with fix] issue #164
  7. Fix: Removed warning if backup was more than 1,5GB and 15GB limit. There's no longer a recommended max-size - the time will vary with the installation size. issue #69
  8. Fix: Speed up 'update hm_messages set messageflags' issue #221
  9. A̶d̶d̶e̶d̶:̶ ̶t̶h̶r̶e̶a̶t̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶u̶s̶e̶r̶s̶ ̶a̶s̶ ̶l̶o̶c̶a̶l̶s̶e̶n̶d̶e̶r̶ ̶i̶f̶ ̶t̶h̶e̶ ̶s̶e̶n̶d̶e̶r̶ ̶i̶s̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶a̶n̶d̶ ̶A̶u̶t̶h̶U̶s̶e̶r̶I̶s̶L̶o̶c̶a̶l̶=̶1̶ ̶I̶N̶I̶ ̶s̶e̶t̶t̶i̶n̶g̶ ̶O̶f̶f̶i̶c̶e̶ ̶2̶0̶1̶6̶/̶2̶0̶1̶9̶ ̶B̶u̶g̶
  10. Added: Return-Path header as topmost header before sending the message to SA (+ delete Return-Path header after the SA check completes) issue #116
  11. Added: Event OnClientLogon(oClient), New ClientInfo property oClient.Authenticated (Boolean)
  12. Fix: Handling of long UIDL response lists was too slow. issue #93
  13. Fix: When calling SpamAssassin and there was a connection failure, sometimes temporary files were left behind issue #100
  14. Fix: SURBL detection properly fails to detect url's ending with a query string issue #108
  15. Fix: If a route is set up, but the recipient does not match an address in the route address list, the domain catch-all should be used if specified. issue #74
  16. Fix: ExternalFetcher DELE when no RETR, pull pull #254
  17. Fix: SMTP multiply max message size with 1024 issue #267
  18. Added: email address variable to SignatureAdder.cpp pull #265
  19. Fix: DKIM on acccount-rule 'reply' not applied #172 issue #172
  20. Fix: preserve RewriteEnvelopeFromWhenForwarding setting when forwarding from account rule
  21. Fix: The logical flow should be to disregard "Require SMTP authentication" if "Allow deliveries from" is unselected issue #287
  22. Added: ability to DKIM sign NDR messages (forwarded to external) pull #301
  23. Added: Use custom daemonaddressdomain from INI pull #301
  24. Fix: SURBL regex pull #320
  25. A̶d̶d̶e̶d̶:̶ ̶R̶M̶S̶P̶F̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶S̶p̶a̶m̶T̶e̶s̶t̶S̶P̶F̶ ̶R̶e̶s̶u̶l̶t̶ ̶t̶o̶ ̶D̶E̶B̶U̶G̶ ̶l̶o̶g̶g̶i̶n̶g̶,̶ ̶s̶e̶e̶ ̶t̶h̶i̶s̶ ̶f̶o̶r̶u̶m̶ ̶t̶o̶p̶i̶c̶
  26. Fix: Ignore SpamTestSPF and SpamTestHeloHost when send thru local IP Address, see this forum topic
  27. Added: SPF test to include "HELO/EHLO host" used by DNS macros pull 353
  28. Fix: 'Unencrypted Cleartext Login' vulnerability detection pull 242
  29. Fix: Anti-spam; Maximum message to scan (KB) is now limited to 256MB, see this forum topic
  30. Added: "UseDNSCache" INI setting. 1 = Use cache in DNS Client service (default). 0 = Bypass cache in DNS Client service. pull 396
  31. Fix: AWStats::LogDeliveryFailure was called twice for each message in OnDeliveryFailed pull 368
  32. Fix: oMessage object was empty (in some circumstances) when called from OnDeliveryFailed pull 369
  33. Added: Experimental events OnRecipientUnknown(oClient, oMessage) and OnTooManyInvalidCommands(oClient, oMessage) pull #390
  34. Added: TLS server cipher preference support and support for prioritizing ChaCha20Poly1305 pull 379
  35. Added: DKIM signature for domain aliases pull 383
  36. Added: "DNSServer" INI setting. Single (local) DNS server IPv4 addresses to use within hMailServer instead of default system DNS. pull 396
  37. Added: Auto-Submitted header for auto-generated messages pull 386
  38. Added: New ClientInfo properties oClient.EncryptedConnection (Boolean), oClient.CipherVersion, oClient.CipherName and oClient.CipherBits pull #391
  39. Added: DomainMembers DistributionList mode pull #392
  40. Added: X-hMailServer-Envelope-From header, grouping off all X-hMailServer-* headers, For consistency equalize Return-Path format used within hMailServer, eg: Return-Path: <return-route-addr> (always use angle brackets)
  41. Fix: integer overflow check for SPF macro segment count pull #399
  42. Added: New ClientInfo property oClient.SessionID (long) issue #401
  43. Added: New Status property oApp.Status.ThreadID (long) this forum topic
  44. Added: rDNS/PTR AntiSpam Check pull #413
  45. Added: Prefer IPv6 over IPv4 pull #415
  46. Fix: SpamTestHeloHost IPv6 Fix pull #416
  47. Fix: Changed ClamAV Scan from STREAM to INSTREAM. issue #420
  48. Added: MIME Recipient Headers as configurable comma delimited string pull #428
  49. Fix: AUTH PLAIN followed by base64 encoded username and password (on same line) in log exposed account password. pull #437
  50. Fix: rfc4954 After a successful AUTH command completes, a server MUST reject any further AUTH commands with a 503 reply. pull #438
  51. Fix: HM5157 SpamAssassinClient::OnReadError, The WinSock error code is 2. issue #167
Important! This fork requires you to add additional entries to the hm_settings database table, eg:

MariaDB, MySQL

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'TlsOptions', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='TlsOptions');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptr', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptr');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptrscore', '', 1 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptrscore');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'IPv6Preferred', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='IPv6Preferred');

alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

update hm_dbversion set value = 5606;
MSSQL

Code: Select all

IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'TlsOptions')
INSERT INTO hm_settings(settingname, settingstring, settinginteger) VALUES ('TlsOptions','','0')
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptr')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptr', '', 0)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptrscore')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptrscore', '', 1)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'IPv6Preferred')
insert into hm_settings (settingname, settingstring, settinginteger) values ('IPv6Preferred', '', 0)
GO
IF NOT EXISTS (
  SELECT
    *
  FROM
    INFORMATION_SCHEMA.COLUMNS
  WHERE
    TABLE_NAME = 'hm_fetchaccounts' AND COLUMN_NAME = 'famimerecipientheaders')
BEGIN
  ALTER TABLE hm_fetchaccounts
    ADD famimerecipientheaders nvarchar(255) NOT NULL DEFAULT 'To,CC,X-RCPT-TO,X-Envelope-To'
END;
GO
UPDATE hm_dbversion SET value = 5606
GO
Download
https://d-fault.nl/files/hMailServer-Bu ... 2602.49.7z

* Included hMailAdmin.exe fixes sorting of DateTime and IPAddress (IP4) values, not reflected in server application version numbering
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-20 22:40

Latest is 5.6.9-B2602.51
Simply install the latest production and/or beta artifact from the URL below, then copy and overwrite files in this archive in hmailserver '/bin' directory
https://build.hmailserver.com/viewLog.h ... =artifacts (login as guest)
  1. Added: OnHELO(oClient) event, issue #153
  2. Fix: Incorrect DEBUG logging for event 'OnDeliverMessage', issue #181
  3. Added: Include HTMLBody into IMAP TEXT search, pull #193
  4. Fix: implicit conversion: "int" to "unsigned char" pull #204
  5. Fix: Faulty SMTP 'Disconnect client after too many invalid commands' pull issue #160
  6. Fix: SMTP server error "550 Unsupported ESMTP extension" on MAIL FROM:... AUTH=<> [with fix] issue #164
  7. Fix: Removed warning if backup was more than 1,5GB and 15GB limit. There's no longer a recommended max-size - the time will vary with the installation size. issue #69
  8. Fix: Speed up 'update hm_messages set messageflags' issue #221
  9. A̶d̶d̶e̶d̶:̶ ̶t̶h̶r̶e̶a̶t̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶u̶s̶e̶r̶s̶ ̶a̶s̶ ̶l̶o̶c̶a̶l̶s̶e̶n̶d̶e̶r̶ ̶i̶f̶ ̶t̶h̶e̶ ̶s̶e̶n̶d̶e̶r̶ ̶i̶s̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶a̶n̶d̶ ̶A̶u̶t̶h̶U̶s̶e̶r̶I̶s̶L̶o̶c̶a̶l̶=̶1̶ ̶I̶N̶I̶ ̶s̶e̶t̶t̶i̶n̶g̶ ̶O̶f̶f̶i̶c̶e̶ ̶2̶0̶1̶6̶/̶2̶0̶1̶9̶ ̶B̶u̶g̶
  10. Added: Return-Path header as topmost header before sending the message to SA (+ delete Return-Path header after the SA check completes) issue #116
  11. Added: Event OnClientLogon(oClient), New ClientInfo property oClient.Authenticated (Boolean)
  12. Fix: Handling of long UIDL response lists was too slow. issue #93
  13. Fix: When calling SpamAssassin and there was a connection failure, sometimes temporary files were left behind issue #100
  14. Fix: SURBL detection properly fails to detect url's ending with a query string issue #108
  15. Fix: If a route is set up, but the recipient does not match an address in the route address list, the domain catch-all should be used if specified. issue #74
  16. Fix: ExternalFetcher DELE when no RETR, pull pull #254
  17. Fix: SMTP multiply max message size with 1024 issue #267
  18. Added: email address variable to SignatureAdder.cpp pull #265
  19. Fix: DKIM on acccount-rule 'reply' not applied #172 issue #172
  20. Fix: preserve RewriteEnvelopeFromWhenForwarding setting when forwarding from account rule
  21. Fix: The logical flow should be to disregard "Require SMTP authentication" if "Allow deliveries from" is unselected issue #287
  22. Added: ability to DKIM sign NDR messages (forwarded to external) pull #301
  23. Added: Use custom daemonaddressdomain from INI pull #301
  24. Fix: SURBL regex pull #320
  25. A̶d̶d̶e̶d̶:̶ ̶R̶M̶S̶P̶F̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶S̶p̶a̶m̶T̶e̶s̶t̶S̶P̶F̶ ̶R̶e̶s̶u̶l̶t̶ ̶t̶o̶ ̶D̶E̶B̶U̶G̶ ̶l̶o̶g̶g̶i̶n̶g̶,̶ ̶s̶e̶e̶ ̶t̶h̶i̶s̶ ̶f̶o̶r̶u̶m̶ ̶t̶o̶p̶i̶c̶
  26. Fix: Ignore SpamTestSPF and SpamTestHeloHost when send thru local IP Address, see this forum topic
  27. Added: SPF test to include "HELO/EHLO host" used by DNS macros pull 353
  28. Fix: 'Unencrypted Cleartext Login' vulnerability detection pull 242
  29. Fix: Anti-spam; Maximum message to scan (KB) is now limited to 256MB, see this forum topic
  30. Added: "UseDNSCache" INI setting. 1 = Use cache in DNS Client service (default). 0 = Bypass cache in DNS Client service. pull 396
  31. Fix: AWStats::LogDeliveryFailure was called twice for each message in OnDeliveryFailed pull 368
  32. Fix: oMessage object was empty (in some circumstances) when called from OnDeliveryFailed pull 369
  33. Added: Experimental events OnRecipientUnknown(oClient, oMessage) and OnTooManyInvalidCommands(oClient, oMessage) pull #390
  34. Added: TLS server cipher preference support and support for prioritizing ChaCha20Poly1305 pull 379
  35. Added: DKIM signature for domain aliases pull 383
  36. Added: "DNSServer" INI setting. Single (local) DNS server IPv4 addresses to use within hMailServer instead of default system DNS. pull 396
  37. Added: Auto-Submitted header for auto-generated messages pull 386
  38. Added: New ClientInfo properties oClient.EncryptedConnection (Boolean), oClient.CipherVersion, oClient.CipherName and oClient.CipherBits pull #391
  39. Added: DomainMembers DistributionList mode pull #392
  40. Added: X-hMailServer-Envelope-From header, grouping off all X-hMailServer-* headers, For consistency equalize Return-Path format used within hMailServer, eg: Return-Path: <return-route-addr> (always use angle brackets)
  41. Fix: integer overflow check for SPF macro segment count pull #399
  42. Added: New ClientInfo property oClient.SessionID (long) issue #401
  43. Added: New Status property oApp.Status.ThreadID (long) this forum topic
  44. Added: rDNS/PTR AntiSpam Check pull #413
  45. Added: Prefer IPv6 over IPv4 pull #415
  46. Fix: SpamTestHeloHost IPv6 Fix pull #416
  47. Fix: Changed ClamAV Scan from STREAM to INSTREAM. issue #420
  48. Added: MIME Recipient Headers as configurable comma delimited string pull #428
  49. Fix: AUTH PLAIN followed by base64 encoded username and password (on same line) in log exposed account password. pull #437
  50. Fix: rfc4954 After a successful AUTH command completes, a server MUST reject any further AUTH commands with a 503 reply. pull #438
  51. Fix: HM5157 SpamAssassinClient::OnReadError, The WinSock error code is 2. issue #167
  52. Fix: TCP/IP Ports 'Default' button in GUI did not add the standard port SMTP 587 (this port is standard added by SQL script during installation) #pull 441
  53. Removed: Collection of statistics, since it's no longer being used. issue #435
Important! This fork requires you to add additional entries to the hm_settings database table, eg:

MariaDB, MySQL

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'TlsOptions', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='TlsOptions');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptr', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptr');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptrscore', '', 1 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptrscore');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'IPv6Preferred', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='IPv6Preferred');

alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

update hm_dbversion set value = 5606;
MSSQL

Code: Select all

IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'TlsOptions')
INSERT INTO hm_settings(settingname, settingstring, settinginteger) VALUES ('TlsOptions','','0')
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptr')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptr', '', 0)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptrscore')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptrscore', '', 1)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'IPv6Preferred')
insert into hm_settings (settingname, settingstring, settinginteger) values ('IPv6Preferred', '', 0)
GO
IF NOT EXISTS (
  SELECT
    *
  FROM
    INFORMATION_SCHEMA.COLUMNS
  WHERE
    TABLE_NAME = 'hm_fetchaccounts' AND COLUMN_NAME = 'famimerecipientheaders')
BEGIN
  ALTER TABLE hm_fetchaccounts
    ADD famimerecipientheaders nvarchar(255) NOT NULL DEFAULT 'To,CC,X-RCPT-TO,X-Envelope-To'
END;
GO
UPDATE hm_dbversion SET value = 5606
GO
Download
https://d-fault.nl/files/hMailServer-Bu ... 2602.51.7z

* Included hMailAdmin.exe fixes sorting of DateTime and IPAddress (IP4) values, not reflected in server application version numbering
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-29 07:41

@Rvdh
RvdH wrote:
2022-08-20 22:40
Latest is 5.6.9-B2602.51
Is the Sub OnClientValidatePassword() part of this build? :idea:

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-29 08:49

gotspatel wrote:
2022-08-29 07:41
@Rvdh
RvdH wrote:
2022-08-20 22:40
Latest is 5.6.9-B2602.51
Is the Sub OnClientValidatePassword() part of this build? :idea:
It is removed for a long time, read comments here:
https://github.com/hmailserver/hmailserver/pull/338
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-29 17:26

Thank you for the info

Regards

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 11:19

gotspatel wrote:
2022-08-29 17:26
Thank you for the info

Regards
Any specific need for it? (5.7 still has this event, although i think it should be removed)
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-31 11:23

RvdH wrote:
2022-08-31 11:19
gotspatel wrote:
2022-08-29 17:26
Thank you for the info

Regards
Any specific need for it? (5.7 still has this event, although i think it should be removed)
To catch password used by bruteforce/bots trying to login :mrgreen:

User avatar
bagu
Senior user
Senior user
Posts: 260
Joined: 2005-06-17 03:08
Location: France
Contact:

Re: Sub OnHELO(oClient) progress?

Post by bagu » 2022-08-31 11:26

Hello,

Why not disconnect and ban clients who have too many failed connections?
hMailServer 5.6.8 With SpamAssassin 3.4.4

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 11:29

gotspatel wrote:
2022-08-31 11:23
RvdH wrote:
2022-08-31 11:19
gotspatel wrote:
2022-08-29 17:26
Thank you for the info

Regards
Any specific need for it? (5.7 still has this event, although i think it should be removed)
To catch password used by bruteforce/bots trying to login :mrgreen:
Does that catch passwords? Doubt it, not? I thought it was to override the account password with a script defined password
Last edited by RvdH on 2022-08-31 11:37, edited 1 time in total.
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 11:35

bagu wrote:
2022-08-31 11:26
Hello,

Why not disconnect and ban clients who have too many failed connections?
I do something similar in the OnClientLogon event all domains on my server have abuse@ and postmaster@ aliases, but i do not allow logins from those and some other generic unused account names
eg: honeypot accounts, i also submit those to abuseipdb.com & blocklist.de reputation services

Code: Select all

Sub OnClientLogon(oClient)
    
    Dim strRegEx : strRegEx = Empty
    strRegEx = "^(root|test|unix|sales|library|ldap|admin|administrator|postmaster|printer|abuse|logs)\@.+$"
    If Lookup(strRegEx, oClient.Username) Then
        Call AutoBan(oClient.IPAddress, oClient.Username & " (" & oClient.Port & ")", 1, "d")
        If (ReportToAbuseIPDB(oClient.IPAddress, "18,14", "Unauthorized connection attempt from IP address " & oClient.IPAddress & " on port " & oClient.Port)) Then
            EventLog.Write("INFO: ReportToAbuseIPDB: Unauthorized connection attempt from IP address " & oClient.IPAddress & " on port " & oClient.Port)
        End If
        Call fail2ban(oClient.IPAddress, service, Escape(Now() & vbTab & "Failed login for a non-existent email address/account (honeypot)" & vbCrLf & Now() & vbTab & "Connection from IP address: " & oClient.IPAddress & " on port: " & oClient.Port))
        Exit Sub
    End If
    
End Sub

Function Lookup(strRegEx, strMatch)
    If strRegEx = "" Then Exit Function
    With CreateObject("VBScript.RegExp")
        .Global = False
        .Pattern = strRegEx
        .IgnoreCase = True
        Lookup = .Test(strMatch)
    End With
End Function
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-31 12:17

RvdH wrote:
2022-08-31 11:29
gotspatel wrote:
2022-08-31 11:23
RvdH wrote:
2022-08-31 11:19


Any specific need for it? (5.7 still has this event, although i think it should be removed)
To catch password used by bruteforce/bots trying to login :mrgreen:
Does that catch passwords? Doubt it, not? I thought it was to override the account password with a script defined password
I was just going through this and wanted to know, if it is possible to get all the failed passwords.

HERE

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 12:22

gotspatel wrote:
2022-08-31 12:17
RvdH wrote:
2022-08-31 11:29
gotspatel wrote:
2022-08-31 11:23


To catch password used by bruteforce/bots trying to login :mrgreen:
Does that catch passwords? Doubt it, not? I thought it was to override the account password with a script defined password
I was just going through this and wanted to know, if it is possible to get all the failed passwords.

HERE
Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-31 12:32

RvdH wrote:
2022-08-31 12:22
gotspatel wrote:
2022-08-31 12:17
RvdH wrote:
2022-08-31 11:29


Does that catch passwords? Doubt it, not? I thought it was to override the account password with a script defined password
I was just going through this and wanted to know, if it is possible to get all the failed passwords.

HERE
Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
Yep I better stick with your build :D



BTW can you point me where i can get fail2ban for Windows

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 12:41

gotspatel wrote:
2022-08-31 12:32
RvdH wrote:
2022-08-31 12:22
gotspatel wrote:
2022-08-31 12:17


I was just going through this and wanted to know, if it is possible to get all the failed passwords.

HERE
Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
Yep I better stick with your build :D



BTW can you point me where i can get fail2ban for Windows
That isn't really fail2ban for windows, but something (C# console app) i named similar for use with blocklist.de, https://d-fault.nl/files

Code: Select all

fail2ban Options:
  -a, --apikey=VALUE         Your blocklist.de account API key
  -e, --email=VALUE          Your blocklist.de account registered email or Id
  -i, --ipaddress=VALUE      Attacker IP address
  -s, --service=VALUE        Attacked service, eg: pop3, smtp, imap
  -l, --logs=VALUE           Attack logs
  -v, --verbose              increase debug message verbosity
  -h, --help                 show this message and exit

Code: Select all

Function fail2ban(sIPAddress, sService, sLogs)
	dim filePath : filePath = "C:\Program Files (x86)\hMailServer\Events\fail2ban.exe"
	With CreateObject("WScript.Shell")
		.Run Chr(34) & filePath & Chr(34) &_
		" /a " & FAIL2BANKEY &_
		" /e " & FAIL2BANID &_
		" /i " & sIPAddress &_
		" /s " & sService &_
		" /l " & sLogs &_
		"",0,True
	End With
End Function
Last edited by RvdH on 2022-08-31 12:59, edited 5 times in total.
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-31 12:46

RvdH wrote:
2022-08-31 12:41
gotspatel wrote:
2022-08-31 12:32
RvdH wrote:
2022-08-31 12:22


Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
Yep I better stick with your build :D



BTW can you point me where i can get fail2ban for Windows
That isn't really fail2ban for windows, but something (C# console app) i named similar for use with blocklist.de, https://d-fault.nl/files
Thank you very much

Regards,

GP

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-08-31 13:06

gotspatel wrote:
2022-08-31 12:46

Thank you very much

Regards,

GP
i believe -l, --logs=VALUE needs at least 1 linebreak, eg:VbCrLF otherwise it won't work
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
SorenR
Senior user
Senior user
Posts: 5676
Joined: 2006-08-21 15:38
Location: Denmark

Re: Sub OnHELO(oClient) progress?

Post by SorenR » 2022-08-31 13:28

gotspatel wrote:
2022-08-31 12:32
RvdH wrote:
2022-08-31 12:22
gotspatel wrote:
2022-08-31 12:17


I was just going through this and wanted to know, if it is possible to get all the failed passwords.

HERE
Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
Yep I better stick with your build :D
I believe there are minimal differences on Ruud's an mine fork... I think I have a few extra tweaks like only disclosing passwords in OnClientLogon() if authentication failed, a newer SPF library (1.12 vs 1.10) and the reply to EHLO is not ending in "250 HELP" but rather based on the options selected. That makes it difficult to identify the server as hMailServer ;-)

Could be fun to compare :mrgreen:
SørenR.

Eight bytes walk into a bar. The bartender asks, “Can I get you anything?”
“Yeah,” reply the bytes. “Make us a double.”

gotspatel
Normal user
Normal user
Posts: 230
Joined: 2013-10-08 05:42
Location: INDIA

Re: Sub OnHELO(oClient) progress?

Post by gotspatel » 2022-08-31 13:35

SorenR wrote:
2022-08-31 13:28
gotspatel wrote:
2022-08-31 12:32
RvdH wrote:
2022-08-31 12:22


Not with my 5.6.x builds, OnClientValidatePassword is a security concern as described in the github topic posted above and i do not like logging passwords for that same reason, SorenRR has a build capable of returning/logging of passwords
Yep I better stick with your build :D
I believe there are minimal differences on Ruud's an mine fork... I think I have a few extra tweaks like only disclosing passwords in OnClientLogon() if authentication failed, a newer SPF library (1.12 vs 1.10) and the reply to EHLO is not ending in "250 HELP" but rather based on the options selected. That makes it difficult to identify the server as hMailServer ;-)

Could be fun to compare :mrgreen:
Would love to check but first will have to learn compiling from source then from your github code :D

tstrike2000
Normal user
Normal user
Posts: 41
Joined: 2005-09-19 23:52
Location: Chicago

Re: Sub OnHELO(oClient) progress?

Post by tstrike2000 » 2022-09-27 20:04

I get an error on MySQL running: alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

I'm using the MySQL script. I don't know enough when using phpmyadmin to insert this correctly manually.

ralfik
New user
New user
Posts: 10
Joined: 2007-12-16 02:41

Re: Sub OnHELO(oClient) progress?

Post by ralfik » 2022-09-28 15:31

Suggestion for improvement.. hMailServer 5.6.x does not work with TLS 1.1 and TLS 1.2 enabled only.

ADO: [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error.

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-09-29 12:26

tstrike2000 wrote:
2022-09-27 20:04
I get an error on MySQL running: alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

I'm using the MySQL script. I don't know enough when using phpmyadmin to insert this correctly manually.
What error? What MySQL version?

You could try to leave out the 'if not exists' part, eg:

Code: Select all

alter table `hm_fetchaccounts` add column `famimerecipientheaders` varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-09-29 12:37

ralfik wrote:
2022-09-28 15:31
Suggestion for improvement.. hMailServer 5.6.x does not work with TLS 1.1 and TLS 1.2 enabled only.

ADO: [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error.
Would this fix that?
https://github.com/Kilowhisky/hmailserv ... d75de67085

Can you try, https://d-fault.nl/files/hMailServer-Bu ... 2602.52.7z :?:
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

tstrike2000
Normal user
Normal user
Posts: 41
Joined: 2005-09-19 23:52
Location: Chicago

Re: Sub OnHELO(oClient) progress?

Post by tstrike2000 » 2022-09-30 23:08

RvdH wrote:
2022-09-29 12:26
tstrike2000 wrote:
2022-09-27 20:04
I get an error on MySQL running: alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

I'm using the MySQL script. I don't know enough when using phpmyadmin to insert this correctly manually.
What error? What MySQL version?

You could try to leave out the 'if not exists' part, eg:

Code: Select all

alter table `hm_fetchaccounts` add column `famimerecipientheaders` varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';
Removing 'if not exists' worked. Thanks!

ralfik
New user
New user
Posts: 10
Joined: 2007-12-16 02:41

Re: Sub OnHELO(oClient) progress?

Post by ralfik » 2022-10-02 17:46

RvdH wrote:
2022-09-29 12:37
ralfik wrote:
2022-09-28 15:31
Suggestion for improvement.. hMailServer 5.6.x does not work with TLS 1.1 and TLS 1.2 enabled only.

ADO: [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error.
Would this fix that?
https://github.com/Kilowhisky/hmailserv ... d75de67085

Can you try, https://d-fault.nl/files/hMailServer-Bu ... 2602.52.7z :?:
You're the best. Thank you, it works.

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-10-03 08:23

ralfik wrote:
2022-10-02 17:46
You're the best. Thank you, it works.
Thx for feedback!

Latest is 5.6.9-B2602.52
Simply install the latest production and/or beta artifact from the URL below, then copy and overwrite files in this archive in hmailserver '/bin' directory
https://build.hmailserver.com/viewLog.h ... =artifacts (login as guest)
  1. Added: OnHELO(oClient) event, issue #153
  2. Fix: Incorrect DEBUG logging for event 'OnDeliverMessage', issue #181
  3. Added: Include HTMLBody into IMAP TEXT search, pull #193
  4. Fix: implicit conversion: "int" to "unsigned char" pull #204
  5. Fix: Faulty SMTP 'Disconnect client after too many invalid commands' pull issue #160
  6. Fix: SMTP server error "550 Unsupported ESMTP extension" on MAIL FROM:... AUTH=<> [with fix] issue #164
  7. Fix: Removed warning if backup was more than 1,5GB and 15GB limit. There's no longer a recommended max-size - the time will vary with the installation size. issue #69
  8. Fix: Speed up 'update hm_messages set messageflags' issue #221
  9. A̶d̶d̶e̶d̶:̶ ̶t̶h̶r̶e̶a̶t̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶u̶s̶e̶r̶s̶ ̶a̶s̶ ̶l̶o̶c̶a̶l̶s̶e̶n̶d̶e̶r̶ ̶i̶f̶ ̶t̶h̶e̶ ̶s̶e̶n̶d̶e̶r̶ ̶i̶s̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶a̶n̶d̶ ̶A̶u̶t̶h̶U̶s̶e̶r̶I̶s̶L̶o̶c̶a̶l̶=̶1̶ ̶I̶N̶I̶ ̶s̶e̶t̶t̶i̶n̶g̶ ̶O̶f̶f̶i̶c̶e̶ ̶2̶0̶1̶6̶/̶2̶0̶1̶9̶ ̶B̶u̶g̶
  10. Added: Return-Path header as topmost header before sending the message to SA (+ delete Return-Path header after the SA check completes) issue #116
  11. Added: Event OnClientLogon(oClient), New ClientInfo property oClient.Authenticated (Boolean)
  12. Fix: Handling of long UIDL response lists was too slow. issue #93
  13. Fix: When calling SpamAssassin and there was a connection failure, sometimes temporary files were left behind issue #100
  14. Fix: SURBL detection properly fails to detect url's ending with a query string issue #108
  15. Fix: If a route is set up, but the recipient does not match an address in the route address list, the domain catch-all should be used if specified. issue #74
  16. Fix: ExternalFetcher DELE when no RETR, pull pull #254
  17. Fix: SMTP multiply max message size with 1024 issue #267
  18. Added: email address variable to SignatureAdder.cpp pull #265
  19. Fix: DKIM on acccount-rule 'reply' not applied #172 issue #172
  20. Fix: preserve RewriteEnvelopeFromWhenForwarding setting when forwarding from account rule
  21. Fix: The logical flow should be to disregard "Require SMTP authentication" if "Allow deliveries from" is unselected issue #287
  22. Added: ability to DKIM sign NDR messages (forwarded to external) pull #301
  23. Added: Use custom daemonaddressdomain from INI pull #301
  24. Fix: SURBL regex pull #320
  25. A̶d̶d̶e̶d̶:̶ ̶R̶M̶S̶P̶F̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶S̶p̶a̶m̶T̶e̶s̶t̶S̶P̶F̶ ̶R̶e̶s̶u̶l̶t̶ ̶t̶o̶ ̶D̶E̶B̶U̶G̶ ̶l̶o̶g̶g̶i̶n̶g̶,̶ ̶s̶e̶e̶ ̶t̶h̶i̶s̶ ̶f̶o̶r̶u̶m̶ ̶t̶o̶p̶i̶c̶
  26. Fix: Ignore SpamTestSPF and SpamTestHeloHost when send thru local IP Address, see this forum topic
  27. Added: SPF test to include "HELO/EHLO host" used by DNS macros pull 353
  28. Fix: 'Unencrypted Cleartext Login' vulnerability detection pull 242
  29. Fix: Anti-spam; Maximum message to scan (KB) is now limited to 256MB, see this forum topic
  30. Added: "UseDNSCache" INI setting. 1 = Use cache in DNS Client service (default). 0 = Bypass cache in DNS Client service. pull 396
  31. Fix: AWStats::LogDeliveryFailure was called twice for each message in OnDeliveryFailed pull 368
  32. Fix: oMessage object was empty (in some circumstances) when called from OnDeliveryFailed pull 369
  33. Added: Experimental events OnRecipientUnknown(oClient, oMessage) and OnTooManyInvalidCommands(oClient, oMessage) pull #390
  34. Added: TLS server cipher preference support and support for prioritizing ChaCha20Poly1305 pull 379
  35. Added: DKIM signature for domain aliases pull 383
  36. Added: "DNSServer" INI setting. Single (local) DNS server IPv4 addresses to use within hMailServer instead of default system DNS. pull 396
  37. Added: Auto-Submitted header for auto-generated messages pull 386
  38. Added: New ClientInfo properties oClient.EncryptedConnection (Boolean), oClient.CipherVersion, oClient.CipherName and oClient.CipherBits pull #391
  39. Added: DomainMembers DistributionList mode pull #392
  40. Added: X-hMailServer-Envelope-From header, grouping off all X-hMailServer-* headers, For consistency equalize Return-Path format used within hMailServer, eg: Return-Path: <return-route-addr> (always use angle brackets)
  41. Fix: integer overflow check for SPF macro segment count pull #399
  42. Added: New ClientInfo property oClient.SessionID (long) issue #401
  43. Added: New Status property oApp.Status.ThreadID (long) this forum topic
  44. Added: rDNS/PTR AntiSpam Check pull #413
  45. Added: Prefer IPv6 over IPv4 pull #415
  46. Fix: SpamTestHeloHost IPv6 Fix pull #416
  47. Fix: Changed ClamAV Scan from STREAM to INSTREAM. issue #420
  48. Added: MIME Recipient Headers as configurable comma delimited string pull #428
  49. Fix: AUTH PLAIN followed by base64 encoded username and password (on same line) in log exposed account password. pull #437
  50. Fix: rfc4954 After a successful AUTH command completes, a server MUST reject any further AUTH commands with a 503 reply. pull #438
  51. Fix: HM5157 SpamAssassinClient::OnReadError, The WinSock error code is 2. issue #167
  52. Fix: TCP/IP Ports 'Default' button in GUI did not add the standard port SMTP 587 (this port is standard added by SQL script during installation) #pull 441
  53. Removed: Collection of statistics, since it's no longer being used. issue #435
  54. Fix: If MSSQL OLE DB Provider 18 or later is installed, prefer that one, since it supports TLS1.1/1.2 which older providers do not. issue 186
Important! This fork requires you to add additional entries to the hm_settings database table, eg:

MariaDB, MySQL

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'TlsOptions', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='TlsOptions');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptr', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptr');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptrscore', '', 1 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptrscore');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'IPv6Preferred', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='IPv6Preferred');

alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

update hm_dbversion set value = 5606;
MSSQL

Code: Select all

IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'TlsOptions')
INSERT INTO hm_settings(settingname, settingstring, settinginteger) VALUES ('TlsOptions','','0')
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptr')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptr', '', 0)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptrscore')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptrscore', '', 1)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'IPv6Preferred')
insert into hm_settings (settingname, settingstring, settinginteger) values ('IPv6Preferred', '', 0)
GO
IF NOT EXISTS (
  SELECT
    *
  FROM
    INFORMATION_SCHEMA.COLUMNS
  WHERE
    TABLE_NAME = 'hm_fetchaccounts' AND COLUMN_NAME = 'famimerecipientheaders')
BEGIN
  ALTER TABLE hm_fetchaccounts
    ADD famimerecipientheaders nvarchar(255) NOT NULL DEFAULT 'To,CC,X-RCPT-TO,X-Envelope-To'
END;
GO
UPDATE hm_dbversion SET value = 5606
GO
Download
https://d-fault.nl/files/hMailServer-Bu ... 2602.52.7z

* Included hMailAdmin.exe fixes sorting of DateTime and IPAddress (IP4) values, not reflected in server application version numbering
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

manos2000
New user
New user
Posts: 13
Joined: 2013-06-16 02:20

Re: Sub OnHELO(oClient) progress?

Post by manos2000 » 2022-10-29 13:33

@RvdH, Perfect, installed it today

Thanks!

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-11-29 12:07

IMPORTANT BUG FIX

Anyone using *.49 or higher, here is a small bug fix release that should solve a possible issue that could result in high CPU consumption by hmailserver.exe

Issue/bug reference: https://www.hmailserver.com/forum/viewt ... =7&t=39711

https://d-fault.nl/files/hMailServer-Bu ... -1.1.1s.7z (also updated to OpenSSL 1.1.1s)
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

fremen
New user
New user
Posts: 3
Joined: 2021-03-16 13:08

Re: Sub OnHELO(oClient) progress?

Post by fremen » 2022-12-07 11:37

Hi!

I'd like to migrate from the internal MSSQL CE to MySQL database.
Because my database is too large, I cannot use the backup util, so I installed this version of hmail server.

The only problem, that I don't know how should I insert the code to the hm_settings database table.

Could you please help with it?

Thanks!

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-12-07 12:48

I usually use HeidiSQL, but phpMyAdmin or MySQL WorkBench could be used as well
Basically what you have to do is you select the database (hmailserver), and in a query windows paste the sql code posted above and execute (run) those queries
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

fremen
New user
New user
Posts: 3
Joined: 2021-03-16 13:08

Re: Sub OnHELO(oClient) progress?

Post by fremen » 2022-12-09 11:31

Thanks for your help RcdH!

Unfortunatelly when I select hm_settings in the hmailserver.sdf and try to run the query, it gives back error:
1. the specific table doesn't exist: dual

or

2. there was an error parsing the query: token line number = 1, token line offset = 41, token in error = if ]

I tried this with SDF Viewer, on a copy of the sdf file.

I cannot figure out how can I open an sdf in Heidisql.

User avatar
katip
Senior user
Senior user
Posts: 1059
Joined: 2006-12-22 07:58
Location: Istanbul

Re: Sub OnHELO(oClient) progress?

Post by katip » 2022-12-09 15:02

fremen wrote:
2022-12-09 11:31
I tried this with SDF Viewer, on a copy of the sdf file.

I cannot figure out how can I open an sdf in Heidisql.
i doubt HeidiSQL can read MSSQL CE.
you may want to try this: https://www.etl-tools.com/database-brow ... rview.html
Katip
--
HMS 5.7, MariaDB 10.4.10, SA 3.4.4, ClamAV 0.103.5

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-12-09 15:27

katip wrote:
2022-12-09 15:02
fremen wrote:
2022-12-09 11:31
I tried this with SDF Viewer, on a copy of the sdf file.

I cannot figure out how can I open an sdf in Heidisql.
i doubt HeidiSQL can read MSSQL CE.
you may want to try this: https://www.etl-tools.com/database-brow ... rview.html
Ah yes, i was under the impression he already migrated from MSSQL CE to MySQL
I have little experience with MSSQL CE myself, but if i remember right you could use a tool like https://github.com/christianhelle/sqlcequery/releases and/or https://github.com/ErikEJ/SqlCeToolbox/releases (3.5) or the one katip suggested

To obtain the sdf password, copy Password=*** value under [Database] in hMailServer.ini
if PasswordEncryption=1 under [Database] in hMailServer.ini you need to decrypt it using C:\Program Files (x86)\hMailServer\Addons\Utilities\DecryptBlowfish.vbs
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
jimimaseye
Moderator
Moderator
Posts: 9684
Joined: 2011-09-08 17:48

Re: Sub OnHELO(oClient) progress?

Post by jimimaseye » 2022-12-09 17:47

FYI

I also documented accessing this in https://www.hmailserver.com/forum/viewt ... 21&t=28914 - bottom of first post look for "**FOOTNOTE"
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-12-15 23:05

Latest is 5.6.9-B2602.53

Note FYI i have disabled download access to older versions of my custom builds, you from now on always should be redirected to the latest build when downloading

Simply install the latest production and/or beta artifact from the URL below, then copy and overwrite files in this archive in hmailserver '/bin' directory
https://build.hmailserver.com/viewLog.h ... =artifacts (login as guest)
  1. Added: OnHELO(oClient) event, issue #153
  2. Fix: Incorrect DEBUG logging for event 'OnDeliverMessage', issue #181
  3. Added: Include HTMLBody into IMAP TEXT search, pull #193
  4. Fix: implicit conversion: "int" to "unsigned char" pull #204
  5. Fix: Faulty SMTP 'Disconnect client after too many invalid commands' pull issue #160
  6. Fix: SMTP server error "550 Unsupported ESMTP extension" on MAIL FROM:... AUTH=<> [with fix] issue #164
  7. Fix: Removed warning if backup was more than 1,5GB and 15GB limit. There's no longer a recommended max-size - the time will vary with the installation size. issue #69
  8. Fix: Speed up 'update hm_messages set messageflags' issue #221
  9. A̶d̶d̶e̶d̶:̶ ̶t̶h̶r̶e̶a̶t̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶u̶s̶e̶r̶s̶ ̶a̶s̶ ̶l̶o̶c̶a̶l̶s̶e̶n̶d̶e̶r̶ ̶i̶f̶ ̶t̶h̶e̶ ̶s̶e̶n̶d̶e̶r̶ ̶i̶s̶ ̶a̶u̶t̶h̶e̶n̶t̶i̶c̶a̶t̶e̶d̶ ̶a̶n̶d̶ ̶A̶u̶t̶h̶U̶s̶e̶r̶I̶s̶L̶o̶c̶a̶l̶=̶1̶ ̶I̶N̶I̶ ̶s̶e̶t̶t̶i̶n̶g̶ ̶O̶f̶f̶i̶c̶e̶ ̶2̶0̶1̶6̶/̶2̶0̶1̶9̶ ̶B̶u̶g̶
  10. Added: Return-Path header as topmost header before sending the message to SA (+ delete Return-Path header after the SA check completes) issue #116
  11. Added: Event OnClientLogon(oClient), New ClientInfo property oClient.Authenticated (Boolean)
  12. Fix: Handling of long UIDL response lists was too slow. issue #93
  13. Fix: When calling SpamAssassin and there was a connection failure, sometimes temporary files were left behind issue #100
  14. Fix: SURBL detection properly fails to detect url's ending with a query string issue #108
  15. Fix: If a route is set up, but the recipient does not match an address in the route address list, the domain catch-all should be used if specified. issue #74
  16. Fix: ExternalFetcher DELE when no RETR, pull pull #254
  17. Fix: SMTP multiply max message size with 1024 issue #267
  18. Added: email address variable to SignatureAdder.cpp pull #265
  19. Fix: DKIM on acccount-rule 'reply' not applied #172 issue #172
  20. Fix: preserve RewriteEnvelopeFromWhenForwarding setting when forwarding from account rule
  21. Fix: The logical flow should be to disregard "Require SMTP authentication" if "Allow deliveries from" is unselected issue #287
  22. Added: ability to DKIM sign NDR messages (forwarded to external) pull #301
  23. Added: Use custom daemonaddressdomain from INI pull #301
  24. Fix: SURBL regex pull #320
  25. A̶d̶d̶e̶d̶:̶ ̶R̶M̶S̶P̶F̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶S̶p̶a̶m̶T̶e̶s̶t̶S̶P̶F̶ ̶R̶e̶s̶u̶l̶t̶ ̶t̶o̶ ̶D̶E̶B̶U̶G̶ ̶l̶o̶g̶g̶i̶n̶g̶,̶ ̶s̶e̶e̶ ̶t̶h̶i̶s̶ ̶f̶o̶r̶u̶m̶ ̶t̶o̶p̶i̶c̶
  26. Fix: Ignore SpamTestSPF and SpamTestHeloHost when send thru local IP Address, see this forum topic
  27. Added: SPF test to include "HELO/EHLO host" used by DNS macros pull 353
  28. Fix: 'Unencrypted Cleartext Login' vulnerability detection pull 242
  29. Fix: Anti-spam; Maximum message to scan (KB) is now limited to 256MB, see this forum topic
  30. Added: "UseDNSCache" INI setting. 1 = Use cache in DNS Client service (default). 0 = Bypass cache in DNS Client service. pull 396
  31. Fix: AWStats::LogDeliveryFailure was called twice for each message in OnDeliveryFailed pull 368
  32. Fix: oMessage object was empty (in some circumstances) when called from OnDeliveryFailed pull 369
  33. Added: Experimental events OnRecipientUnknown(oClient, oMessage) and OnTooManyInvalidCommands(oClient, oMessage) pull #390
  34. Added: TLS server cipher preference support and support for prioritizing ChaCha20Poly1305 pull 379
  35. Added: DKIM signature for domain aliases pull 383
  36. Added: "DNSServer" INI setting. Single (local) DNS server IPv4 addresses to use within hMailServer instead of default system DNS. pull 396
  37. Added: Auto-Submitted header for auto-generated messages pull 386
  38. Added: New ClientInfo properties oClient.EncryptedConnection (Boolean), oClient.CipherVersion, oClient.CipherName and oClient.CipherBits pull #391
  39. Added: DomainMembers DistributionList mode pull #392
  40. Added: X-hMailServer-Envelope-From header, grouping off all X-hMailServer-* headers, For consistency equalize Return-Path format used within hMailServer, eg: Return-Path: <return-route-addr> (always use angle brackets)
  41. Fix: integer overflow check for SPF macro segment count pull #399
  42. Added: New ClientInfo property oClient.SessionID (long) issue #401
  43. Added: New Status property oApp.Status.ThreadID (long) this forum topic
  44. Added: rDNS/PTR AntiSpam Check pull #413
  45. Added: Prefer IPv6 over IPv4 pull #415
  46. Fix: SpamTestHeloHost IPv6 Fix pull #416
  47. Fix: Changed ClamAV Scan from STREAM to INSTREAM. issue #420
  48. Added: MIME Recipient Headers as configurable comma delimited string pull #428
  49. Fix: AUTH PLAIN followed by base64 encoded username and password (on same line) in log exposed account password. pull #437
  50. Fix: rfc4954 After a successful AUTH command completes, a server MUST reject any further AUTH commands with a 503 reply. pull #438
  51. Fix: HM5157 SpamAssassinClient::OnReadError, The WinSock error code is 2. issue #167
  52. Fix: TCP/IP Ports 'Default' button in GUI did not add the standard port SMTP 587 (this port is standard added by SQL script during installation) #pull 441
  53. Removed: Collection of statistics, since it's no longer being used. issue #435
  54. Fix: If MSSQL OLE DB Provider 18 or later is installed, prefer that one, since it supports TLS1.1/1.2 which older providers do not. issue 186
  55. Added: %MACRO_ORIGINAL_HEADER% macro expansion for 'Set header value' rules
Important! This fork requires you to add additional entries to the hm_settings database table, eg:

MariaDB, MySQL

Code: Select all

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'TlsOptions', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='TlsOptions');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptr', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptr');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'ascheckptrscore', '', 1 from dual
where not exists 
  (select settingname from hm_settings where settingname='ascheckptrscore');

insert into hm_settings (settingname, settingstring, settinginteger) 
  select 'IPv6Preferred', '', 0 from dual
where not exists 
  (select settingname from hm_settings where settingname='IPv6Preferred');

alter table hm_fetchaccounts add column if not exists famimerecipientheaders varchar(255) not null default 'To,CC,X-RCPT-TO,X-Envelope-To';

update hm_dbversion set value = 5606;
MSSQL

Code: Select all

IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'TlsOptions')
INSERT INTO hm_settings(settingname, settingstring, settinginteger) VALUES ('TlsOptions','','0')
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptr')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptr', '', 0)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'ascheckptrscore')
insert into hm_settings (settingname, settingstring, settinginteger) values ('ascheckptrscore', '', 1)
GO
IF NOT EXISTS(SELECT settingname FROM hm_settings WHERE settingname = 'IPv6Preferred')
insert into hm_settings (settingname, settingstring, settinginteger) values ('IPv6Preferred', '', 0)
GO
IF NOT EXISTS (
  SELECT
    *
  FROM
    INFORMATION_SCHEMA.COLUMNS
  WHERE
    TABLE_NAME = 'hm_fetchaccounts' AND COLUMN_NAME = 'famimerecipientheaders')
BEGIN
  ALTER TABLE hm_fetchaccounts
    ADD famimerecipientheaders nvarchar(255) NOT NULL DEFAULT 'To,CC,X-RCPT-TO,X-Envelope-To'
END;
GO
UPDATE hm_dbversion SET value = 5606
GO
Download
https://d-fault.nl/files/hMailServer-Bu ... -1.1.1s.7z

* Included hMailAdmin.exe fixes sorting of DateTime and IPAddress (IP4) values, not reflected in server application version numbering
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
kimboslice
Normal user
Normal user
Posts: 34
Joined: 2022-02-05 16:38

Re: Sub OnHELO(oClient) progress?

Post by kimboslice » 2022-12-19 07:37

Been running your builds for a few months now @RvdH, really glad to see some active development! kudos :D

I notice you package the WebAdmin, are there unique changes here that I need to merge with a pre-existing setup? I'm running the redesign project on GitHub (I'm sure you know the one :wink:)

An issue I've seen from hMail that doesn't seem to get any attention is the built-in backup setup seems to have some issues, IIRC any pre-existing data in the backup folder almost always causes the backup to hang indefinitely, then when the next scheduled backup runs it will fail because hMail believes the backup has already been started.

I've worked around this with a couple of scripts, but it'd just be nice to see fixed. I can see how it may be considered a trivial issue, however.

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-12-19 11:00

kimboslice wrote:
2022-12-19 07:37
Been running your builds for a few months now @RvdH, really glad to see some active development! kudos :D

I notice you package the WebAdmin, are there unique changes here that I need to merge with a pre-existing setup? I'm running the redesign project on GitHub (I'm sure you know the one :wink:)

An issue I've seen from hMail that doesn't seem to get any attention is the built-in backup setup seems to have some issues, IIRC any pre-existing data in the backup folder almost always causes the backup to hang indefinitely, then when the next scheduled backup runs it will fail because hMail believes the backup has already been started.

I've worked around this with a couple of scripts, but it'd just be nice to see fixed. I can see how it may be considered a trivial issue, however.
https://github.com/RvdHout/hmailserver-webadmin

There isn't much i can do with the backup routine (besides completely rewriting it) i am surprised to read people having backup issues, never had a single one with my build without any limits
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
jimimaseye
Moderator
Moderator
Posts: 9684
Joined: 2011-09-08 17:48

Re: Sub OnHELO(oClient) progress?

Post by jimimaseye » 2022-12-19 12:48

RvdH wrote:
2022-12-19 11:00
kimboslice wrote:
2022-12-19 07:37
An issue I've seen from hMail that doesn't seem to get any attention is the built-in backup setup seems to have some issues, IIRC any pre-existing data in the backup folder almost always causes the backup to hang indefinitely, then when the next scheduled backup runs it will fail because hMail believes the backup has already been started.

I've worked around this with a couple of scripts, but it'd just be nice to see fixed. I can see how it may be considered a trivial issue, however.
There isn't much i can do with the backup routine (besides completely rewriting it) i am surprised to read people having backup issues, never had a single one with my build without any limits
It is true - this does happen. I wrote about it some years ago in the forum somewhere based on my experience and happening exactly as above. The cause for the initial failure is unknown (I guess it could be anything eg, user being impatient and thinking its finished or hanging). But yes, if the temporary backup directory is not empty then the above applies and the service requires restarting.
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
johang
Senior user
Senior user
Posts: 922
Joined: 2008-09-01 09:20

Re: Sub OnHELO(oClient) progress?

Post by johang » 2022-12-31 10:43

jimimaseye wrote:
2022-12-19 12:48
RvdH wrote:
2022-12-19 11:00
kimboslice wrote:
2022-12-19 07:37
An issue I've seen from hMail that doesn't seem to get any attention is the built-in backup setup seems to have some issues, IIRC any pre-existing data in the backup folder almost always causes the backup to hang indefinitely, then when the next scheduled backup runs it will fail because hMail believes the backup has already been started.

I've worked around this with a couple of scripts, but it'd just be nice to see fixed. I can see how it may be considered a trivial issue, however.
There isn't much i can do with the backup routine (besides completely rewriting it) i am surprised to read people having backup issues, never had a single one with my build without any limits
It is true - this does happen. I wrote about it some years ago in the forum somewhere based on my experience and happening exactly as above. The cause for the initial failure is unknown (I guess it could be anything eg, user being impatient and thinking its finished or hanging). But yes, if the temporary backup directory is not empty then the above applies and the service requires restarting.
in my case i had another "server maintainance background task" which would sometimes take longer then expected ( and ate a whole lot more diskspace then anticipated ) which would at some times cross timepaths with the backup .. making the backup "impossible to run successfully" ( lack of diskspace ), the other server maintainance background task in the meantime got to what it was supposed to do and cleared its tracks... making it kinda a hard guessing what was up... ( had to sit through a couple of nightly backups to catch it in the making...

would have been awesome with som error handleing code telling there wasnt enough space on disk to complete backup.... :idea: ( i know.. its up to me to know.. 8) my disk checking script wasnt running more then every 2 hours, and not catching this... :cry: ; did i improve the disk checking script.. .. eeeh no.. :oops: i just added disk .. :wink: )
lets cheat darwin out of his legacy, find a cure for cancer...

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2022-12-31 13:34

johang wrote:
2022-12-31 10:43
jimimaseye wrote:
2022-12-19 12:48
RvdH wrote:
2022-12-19 11:00

There isn't much i can do with the backup routine (besides completely rewriting it) i am surprised to read people having backup issues, never had a single one with my build without any limits
It is true - this does happen. I wrote about it some years ago in the forum somewhere based on my experience and happening exactly as above. The cause for the initial failure is unknown (I guess it could be anything eg, user being impatient and thinking its finished or hanging). But yes, if the temporary backup directory is not empty then the above applies and the service requires restarting.
in my case i had another "server maintainance background task" which would sometimes take longer then expected ( and ate a whole lot more diskspace then anticipated ) which would at some times cross timepaths with the backup .. making the backup "impossible to run successfully" ( lack of diskspace ), the other server maintainance background task in the meantime got to what it was supposed to do and cleared its tracks... making it kinda a hard guessing what was up... ( had to sit through a couple of nightly backups to catch it in the making...

would have been awesome with som error handleing code telling there wasnt enough space on disk to complete backup.... :idea: ( i know.. its up to me to know.. 8) my disk checking script wasnt running more then every 2 hours, and not catching this... :cry: ; did i improve the disk checking script.. .. eeeh no.. :oops: i just added disk .. :wink: )
Utilize event OnBackupFailed, eg: for notification mail or something in your custom backup script maybe?

Code: Select all

'   Sub OnBackupFailed(sReason)
'   End Sub
No reason the reinvent the wheel, not?
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
johang
Senior user
Senior user
Posts: 922
Joined: 2008-09-01 09:20

Re: Sub OnHELO(oClient) progress?

Post by johang » 2023-01-01 13:04

RvdH wrote:
2022-12-31 13:34

No reason the reinvent the wheel, not?
thumbs up
lets cheat darwin out of his legacy, find a cure for cancer...

CraigT
New user
New user
Posts: 17
Joined: 2010-08-12 10:06
Location: Adelaide, Australia

Re: Sub OnHELO(oClient) progress?

Post by CraigT » 2023-01-26 08:51

@RvdH I have noticed that 5.7.0 has appeared for download. Any update on what changes have occurred? Given that your fork is already installed on the servers, and SQL changes are up to date, can I just copy the new version over the old?
Also, thanks for all the work on this. It is appreciated!

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2023-01-26 09:09

CraigT wrote:
2023-01-26 08:51
@RvdH I have noticed that 5.7.0 has appeared for download. Any update on what changes have occurred? Given that your fork is already installed on the servers, and SQL changes are up to date, can I just copy the new version over the old?
Also, thanks for all the work on this. It is appreciated!
Nope, this a build only for 5.7.0 APLHA branch users, eg: you will need to update to 5.7.0 first and then apply the mod package + sql updates identical as instructed for the 5.6.* branch.
It contains all of the 5.6.x patches listed above who are not already commited/made it into the 5.7.0 branch
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

User avatar
katip
Senior user
Senior user
Posts: 1059
Joined: 2006-12-22 07:58
Location: Istanbul

Re: Sub OnHELO(oClient) progress?

Post by katip » 2023-01-27 18:36

RvdH wrote:
2023-01-26 09:09
Nope, this a build only for 5.7.0 APLHA branch users, eg: you will need to update to 5.7.0 first and then apply the mod package + sql updates identical as instructed for the 5.6.* branch.
It contains all of the 5.6.x patches listed above who are not already commited/made it into the 5.7.0 branch
Thank you, much appreciated. This was what i was waiting for so long, can't wait to test it.
ehm, did you keep OnClientValidatePassword? :roll:
Katip
--
HMS 5.7, MariaDB 10.4.10, SA 3.4.4, ClamAV 0.103.5

User avatar
RvdH
Senior user
Senior user
Posts: 2483
Joined: 2008-06-27 14:42
Location: The Netherlands

Re: Sub OnHELO(oClient) progress?

Post by RvdH » 2023-01-28 10:24

katip wrote:
2023-01-27 18:36
RvdH wrote:
2023-01-26 09:09
Nope, this a build only for 5.7.0 APLHA branch users, eg: you will need to update to 5.7.0 first and then apply the mod package + sql updates identical as instructed for the 5.6.* branch.
It contains all of the 5.6.x patches listed above who are not already commited/made it into the 5.7.0 branch
Thank you, much appreciated. This was what i was waiting for so long, can't wait to test it.
ehm, did you keep OnClientValidatePassword? :roll:
Yes it is (still) in as it is part of the main 5.7 branch codebase

5.7.0-B2604.17
  1. RMSPF 1.12, SPFMAXLOOKUPS 10 as per rfc7208
  2. Fix 'Unencrypted Cleartext Login' vulnerability detection pull 342
  3. Must issue STARTTLS first when STARTTLS is Required to every command other than NOOP, EHLO, STARTTLS, or QUIT. #pull 360
  4. Added: X-hMailServer-Envelope-From header, grouping off all X-hMailServer-* headers, equalize Return-Path format used within hMailServer, eg: Return-Path: <return-route-addr> (always use angle brackets)
  5. Added: Experimental events OnRecipientUnknown(oClient, oMessage) and OnTooManyInvalidCommands(oClient, oMessage)
  6. Added: TLS server cipher preference support and support for prioritizing ChaCha20Poly1305 pull 379
  7. Added: DKIM signature for domain aliases pull 383
  8. F̶i̶x̶ ̶'̶S̶A̶S̶L̶ ̶d̶e̶l̶i̶m̶i̶n̶a̶t̶o̶r̶ ̶f̶r̶o̶m̶ ̶\̶t̶ ̶t̶o̶ ̶\̶0̶ ̶r̶e̶f̶ ̶R̶F̶C̶4̶6̶1̶6̶'̶ ̶p̶u̶l̶l̶ ̶3̶8̶5̶
  9. Added: Auto-Submitted header for auto-generated messages pull 386
  10. Added: New ClientInfo properties oClient.EncryptedConnection (Boolean), oClient.CipherVersion, oClient.CipherName and oClient.CipherBits pull #391
  11. Added: DomainMembers DistributionList mode pull #392
  12. W̶r̶i̶t̶e̶ ̶S̶P̶F̶ ̶t̶e̶s̶t̶ ̶r̶e̶s̶u̶l̶t̶ ̶t̶o̶ ̶D̶e̶b̶u̶g̶ ̶l̶o̶g̶ p̶u̶l̶l̶ ̶3̶2̶2̶
  13. Added: prefer IPv6 over IPv4 pull 224
  14. Added: MIME Recipient Headers as configurable comma delimited string pull #428
  15. Fix: AUTH PLAIN followed by base64 encoded username and password (on same line) in log exposed account password. pull #437
  16. Fix: rfc4954 After a successful AUTH command completes, a server MUST reject any further AUTH commands with a 503 reply. pull #438
  17. Fix: HM5157 SpamAssassinClient::OnReadError, The WinSock error code is 2. issue #167
  18. Fix: TCP/IP Ports 'Default' button in GUI did not add the standard port SMTP 587 (this port is standard added by SQL script during installation) pull #441
  19. Added: %MACRO_ORIGINAL_HEADER% macro expansion for 'Set header value' rules
CIDR to RegEx: d-fault.nl/cidrtoregex
DNS Lookup: d-fault.nl/dnstools
DKIM Generator: d-fault.nl/dkimgenerator
DNSBL Lookup: d-fault.nl/dnsbllookup
GEOIP Lookup: d-fault.nl/geoiplookup

Post Reply