hMailServer 5.7

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
glenluo
Normal user
Normal user
Posts: 194
Joined: 2011-07-03 12:10

Re: hMailServer 5.7

Post by glenluo » 2019-09-06 13:38

I think i got the answer here.
https://www.spamhaus.org/faq/section/Spamhaus%20DBL#330

If hMailserver can check return result matching: 127.0.1.X ,then such issue never happen.

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-07 09:11

SURBL works fine for me for
multi.surbl.org
uribl.spameatingmonkey.net

It is just not working for dbl.spamhaus.org
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-09-15 14:52

mattg wrote:
2019-08-26 23:39
Please wait until it is a BETA at least - it is currently very much still ALPHA

But yes just that.

HOWEVER I had to track down the 64 bit libMySQL.dll manually, (this was flagged as to-fix in the hMailserver 5.7 builds - don't know if that is done yet), which also required me to update my MySQL to the latest of the installed version
Where did you find this? And will it work with Maria DB? Dravion's answer was surely intentionally vague. But I'm willing to test it to find out.

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-15 23:38

I downloaded a MYSQL.zip (for my version) and extracted just this single file
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-09-16 16:14

Aha.. I was looking at the wrong downloads. Got it.

Since you pointed me in the right direction, I instead went to look for a zip install for my version of MariaDB, which I found here: https://downloads.mariadb.com/MariaDB/

I'm running xampp. There is a text file at the root of the install that contains a listing of components with their versions.

Then extracted libmysql.dll, then upgraded to 5.7, then replaced the existing libmysql.dll with the new MariaDB one and voila. No errors yet (less than 1 hour running), one test email was successful, my scripts using OnHELO and OnClientLogon are working without any modification. Life is good. Will update later if any issues.

Now, maybe a stupid question, but I have not done anything at all with ODBC connector and yet my database related scripts seem to be running OK. I remember a hassle of making sure the connector was a 32 bit version. Is that anything to worry about?

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-17 00:17

You haven't changed the database, so the scripts should still work fine.

Whatever script engine you use must be only 32 bit for you to need the 32 bit ODBC connector to use your scripts. From memory VBS is 32 bit, but VB.NET is 64 bit
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-09-17 00:29

That makes sense. Thanks. Since everything is working, I guess I don't need to change anything.

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-17 01:16

Welcome to the bleeding edge
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-17 04:37

Is IMAP SASL new?
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
jimimaseye
Moderator
Moderator
Posts: 8132
Joined: 2011-09-08 17:48

Re: hMailServer 5.7

Post by jimimaseye » 2019-09-17 08:55

mattg wrote:
2019-09-17 04:37
Is IMAP SASL new?
I believe Martin has included it in 5.7.
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-17 09:08

Do you know anything about the settings, or use cases?
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
jimimaseye
Moderator
Moderator
Posts: 8132
Joined: 2011-09-08 17:48

Re: hMailServer 5.7

Post by jimimaseye » 2019-09-17 09:24

Not any more. I had to Google when i first saw it a couple of years ago.

[Entered by mobile. Excuse my spelling.]
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

hmbaer
New user
New user
Posts: 12
Joined: 2019-05-01 14:29

Re: hMailServer 5.7

Post by hmbaer » 2019-09-26 06:47

When will hMailServer 5.7 be public?

If i will create a new hMailServer-installation today with Version 5.6.7 (Build 2425): which database should i use to be best prepared to upgrade to future versions? Thank you.

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-09-26 07:39

Any database you like, but NOT The built in one if this is going to be anything but a project

MS SQL Express is free to download
MS SQL other editions cost $ but work well

MariaDB
MySQL
PostgreSQL
are all free and open source

Most of us use either MySQL or MariaDB (MariaDB was a fork from MySQL)


And 5.7 is public, just still officially APLHA
I've been using live for over a month as have a few others
You should wait until it is BETA, but don't know when that will be

Alpha is here >> https://build.hmailserver.com/repositor ... 86-x64.exe
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-11 11:03

Just did this suite of tests
https://www.immuniweb.com/ssl/

I scored an A+ which is awesome

I did pass PCI DSS
I didn't get HIPAA or NIST passes though because I don't have OCSP stapling
Also didn't get perfect in the 'best practices' section due to 'server does not have a cipher preference'

I run only TLSv1.2 and TLSv1.3 with my cipher suite being 'HIGH:!TLSv1:!SSLv3;', and I have a let's encypt cert

How can I improve? Is that an OpenSSL thing or a hMailserver thing
I see that I can ask letsencrypt for a --must-staple tag on the certificate, but it only works (in apache/ngnix etc if stapling is enabled)

Perhaps this could also be because I don't force startTLS on port 25, but I don't imagine that I could do that
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

tolberjj
New user
New user
Posts: 12
Joined: 2019-10-15 20:09

Re: hMailServer 5.7

Post by tolberjj » 2019-10-16 02:12

I'd like to propose a small change. I just installed 5.7 and it installs and launches with this tweak so far. 5.6.7 didn't work with the same change.

The issue is that MySQL 8 with the innodb cluster requires a primary key on every table, and hm_dbversion doesn't have one currently in the scripts.


I modified C:\Program Files\hMailServer\DBScripts\CreateTablesMYSQL.sql to the following:

Line 193 (added definition for dbversionid):

create table hm_dbversion
(
dbversionid int auto_increment not null, primary key(`dbversionid`), unique(`dbversionid`),
value int not null
) DEFAULT CHARSET=utf8;



Line 772 (specified field):
insert into hm_dbversion (value) values (5700);



Thanks for all of your work. We have sent a lot of email (ethically) for many years with previous versions and I am excited to move forward with a 64 bit version in our testing.

User avatar
nitro
New user
New user
Posts: 26
Joined: 2018-11-08 16:31
Location: Spain

Re: hMailServer 5.7

Post by nitro » 2019-10-16 10:20

Good morning, I have updated my staging version with the latest compiled version 5.7 B-2490. I could update just by clicking on the installer, completely transparent for me. My database runs on MSSQL Express 2014. Everything seems to be working without any problem. I only report it as feedback from the alpha version.

Thanks to Martin for his work.
Production 5.6.8-B2437.20_OpenSSL_1.0.2s W.Server 2016 Datace [2x Intel Xeon E5-2660 8GB RAM]
Staging 5.7-B2490 W.Server 2008 R2 Stand [Intel Pentium 4 4GB RAM]

User avatar
Mar_ty
New user
New user
Posts: 14
Joined: 2016-10-24 15:19
Location: USA

Re: hMailServer 5.7

Post by Mar_ty » 2019-10-17 16:08

Screenshot (1).png
Just upgraded to hmailserver 5.7-B2490 from 5.7.0 64 Bit (LTS). Installed with no problems. Passed PCI DSS, HIPAA, NIST and Best Practices and Analysis tests.

Thank you Martin for your excellent work.
"Too much of anything is Bad, But TOO MUCH GOOD WHISKEY IS BARELY ENOUGH"
- Mark Twain

hMailServer 5.7 -B2490 64-Bit

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-17 16:48

How did you pass HIPAA and NIST

What do you do differently than me?

What is your cipher suite?
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
Mar_ty
New user
New user
Posts: 14
Joined: 2016-10-24 15:19
Location: USA

Re: hMailServer 5.7

Post by Mar_ty » 2019-10-18 05:45

mattg wrote:
2019-10-17 16:48
How did you pass HIPAA and NIST

What do you do differently than me?

What is your cipher suite?
I followed the suggestions from the first test report I received from ImmuniWeb.
Tested again and you can see the results in my last post.
"Too much of anything is Bad, But TOO MUCH GOOD WHISKEY IS BARELY ENOUGH"
- Mark Twain

hMailServer 5.7 -B2490 64-Bit

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-18 06:11

can you please share your current cipher suite

mine is

Code: Select all

HIGH:!TLSv1:!SSLv3;
and I only allow TLSv1.2 and TLSv1.3

Also how did you achieve 'OCSP stapling'

X509 CERTIFICATES ARE IN VERSION 3
All the X509 certificates provided by the server are in version 3.Good configuration
SERVER DOES NOT SUPPORT OCSP STAPLING
The server does not support OCSP stapling for its RSA certificate. Its support allows better verification of the certificate validation status.Non-compliant with HIPAA guidance
SUPPORTED PROTOCOLS
List of all SSL/TLS protocols supported by the server:

TLSv1.2Good configuration
TLSv1.3Information
SUPPORTED CIPHERS
List of all cipher suites supported by the server:

TLSv1.3
TLS_CHACHA20_POLY1305_SHA256Information
TLS_AES_256_GCM_SHA384Information
TLS_AES_128_GCM_SHA256Information
TLSv1.2
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256Non-compliant with HIPAA guidance
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256Non-compliant with HIPAA guidance
TLS_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_RSA_WITH_AES_256_CBC_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256Good configuration
TLS_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_RSA_WITH_AES_256_GCM_SHA384Good configuration
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384Good configuration
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Good configuration
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384Good configuration
TLS_DHE_RSA_WITH_AES_256_CCM_8Non-compliant with HIPAA guidance
TLS_DHE_RSA_WITH_AES_256_CCMNon-compliant with HIPAA guidance
TLS_DHE_RSA_WITH_AES_128_CCM_8Non-compliant with HIPAA guidance
TLS_DHE_RSA_WITH_AES_128_CCMNon-compliant with HIPAA guidance
TLS_RSA_WITH_AES_256_CCM_8Non-compliant with HIPAA guidance
TLS_RSA_WITH_AES_256_CCMNon-compliant with HIPAA guidance
TLS_RSA_WITH_AES_128_CCM_8Non-compliant with HIPAA guidance
TLS_RSA_WITH_AES_128_CCMNon-compliant with HIPAA guidance
DIFFIE-HELLMAN PARAMETER SIZE
Diffie-Hellman parameter size: 2048 bitsGood configuration
SUPPORTED ELLIPTIC CURVES
List of all elliptic curves supported by the server:

P-256 (prime256v1) (256 bits)Good configuration
EC_POINT_FORMAT EXTENSION
The server supports the EC_POINT_FORMAT TLS extension.Good configuration
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
Dravion
Senior user
Senior user
Posts: 1435
Joined: 2015-09-26 11:50
Location: Germany
Contact:

Re: hMailServer 5.7

Post by Dravion » 2019-10-18 07:09

It's hard to see for me on which website you running your Test, can you just copy and paste it into your next reply?

For Webservers i use Qualys SSL testing, but i wasnt aware there is sometibg availabe for Mailservers to :)

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-18 07:55

mattg wrote:
2019-10-11 11:03
Just did this suite of tests
https://www.immuniweb.com/ssl/

I scored an A+ which is awesome
Put a ':25' at the end and it will check mail server on port 25
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-18 12:13

I scored an F, due to not being able to connect. My firewall ban blocked their IPs long before trying the test due to being listed by spamhaus. I could unblock them easy enough, but what's up with the spamhaus listing?

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-18 13:31

RESULTS OF LOOKUP
192.175.111.241 is listed

This IP address was detected and listed 17 times in the past 28 days, and 3 times in the past 24 hours. The most recent detection was at Fri Oct 18 03:25:00 2019 UTC +/- 5 minutes

Your IP address (192.175.111.241) is sending email in such a way as to strongly indicate that the IP itself is operating somes sort of spam package.

This IP is impersonating (via SMTP HELO command) being a domain we know it _cannot_ be. No properly configured mail server does this under any circumstances.

If the IP is a NAT firewall, we strongly recommend configuring the firewall to prevent machines on your network connecting to the Internet on port 25, except for machines that are supposed to be mail servers.

SOFTWARE NOTES:
NEW: If you are using a TLS scanner or some other mechanism to check TLS settings of mail servers based on openssl, change the HELO value to something reasonable (the reverse-DNS of your IP address is usually a good idea) instead of the default in the openssl command line.

Ok that makes sense. Still, it's an easy fix. Why don't they just fix it?

User avatar
SorenR
Senior user
Senior user
Posts: 3190
Joined: 2006-08-21 15:38
Location: Denmark

Re: hMailServer 5.7

Post by SorenR » 2019-10-18 13:52

palinka wrote:
2019-10-18 13:31
RESULTS OF LOOKUP
192.175.111.241 is listed

This IP address was detected and listed 17 times in the past 28 days, and 3 times in the past 24 hours. The most recent detection was at Fri Oct 18 03:25:00 2019 UTC +/- 5 minutes

Your IP address (192.175.111.241) is sending email in such a way as to strongly indicate that the IP itself is operating somes sort of spam package.

This IP is impersonating (via SMTP HELO command) being a domain we know it _cannot_ be. No properly configured mail server does this under any circumstances.

If the IP is a NAT firewall, we strongly recommend configuring the firewall to prevent machines on your network connecting to the Internet on port 25, except for machines that are supposed to be mail servers.

SOFTWARE NOTES:
NEW: If you are using a TLS scanner or some other mechanism to check TLS settings of mail servers based on openssl, change the HELO value to something reasonable (the reverse-DNS of your IP address is usually a good idea) instead of the default in the openssl command line.

Ok that makes sense. Still, it's an easy fix. Why don't they just fix it?
RFC tells you to use your FQDN in your greeting. That is actually what they are telling you.

Anyways, it's an easy fix, change the MX for your domain to the FQDN your ISP set on your connection and use the same FQDN in your greeting.

As long as FQDN = PTR = HELO/EHLO then all is fine. It does not have to be your domain. (It's like a c/o postal address ;-) )

Anyways, my server never finished the test - all test sites ended up in my AutoBan :oops:
SørenR.

“With age comes wisdom, but sometimes age comes alone.”
- Oscar Wilde

User avatar
Mar_ty
New user
New user
Posts: 14
Joined: 2016-10-24 15:19
Location: USA

Re: hMailServer 5.7

Post by Mar_ty » 2019-10-18 14:21

This is the cipher suite I use. It passes without OCSP stapling. I have SPF and DMARC records for server security hardening.

SUPPORTED CIPHERS
List of all cipher suites supported by the server:
TLSv1.3
TLS_CHACHA20_POLY1305_SHA256
Information
TLS_AES_256_GCM_SHA384
Information
TLS_AES_128_GCM_SHA256
Information
TLSv1.2
TLS_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_RSA_WITH_AES_256_CBC_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256Good configuration
TLS_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_RSA_WITH_AES_256_GCM_SHA384Good configuration
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384Good configuration
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256Good configuration
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Good configuration
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256Good configuration
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384Good configuration

SUPPORTED PROTOCOLS
List of all SSL/TLS protocols supported by the server:
TLSv1.2
Good configuration
TLSv1.3
Information
"Too much of anything is Bad, But TOO MUCH GOOD WHISKEY IS BARELY ENOUGH"
- Mark Twain

hMailServer 5.7 -B2490 64-Bit

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-18 17:46

SorenR wrote:
2019-10-18 13:52
palinka wrote:
2019-10-18 13:31
RESULTS OF LOOKUP
192.175.111.241 is listed

This IP address was detected and listed 17 times in the past 28 days, and 3 times in the past 24 hours. The most recent detection was at Fri Oct 18 03:25:00 2019 UTC +/- 5 minutes

Your IP address (192.175.111.241) is sending email in such a way as to strongly indicate that the IP itself is operating somes sort of spam package.

This IP is impersonating (via SMTP HELO command) being a domain we know it _cannot_ be. No properly configured mail server does this under any circumstances.

If the IP is a NAT firewall, we strongly recommend configuring the firewall to prevent machines on your network connecting to the Internet on port 25, except for machines that are supposed to be mail servers.

SOFTWARE NOTES:
NEW: If you are using a TLS scanner or some other mechanism to check TLS settings of mail servers based on openssl, change the HELO value to something reasonable (the reverse-DNS of your IP address is usually a good idea) instead of the default in the openssl command line.

Ok that makes sense. Still, it's an easy fix. Why don't they just fix it?
RFC tells you to use your FQDN in your greeting. That is actually what they are telling you.

Anyways, it's an easy fix, change the MX for your domain to the FQDN your ISP set on your connection and use the same FQDN in your greeting.

As long as FQDN = PTR = HELO/EHLO then all is fine. It does not have to be your domain. (It's like a c/o postal address ;-) )

Anyways, my server never finished the test - all test sites ended up in my AutoBan :oops:
The HELOs immuniweb use are mail.example.com and openssl.client.net - every one of them got hit by Spamhaus. Client.net exists but its not part of immuniweb and example.com has no A record at all. Probably reserved or something. If not, I'll grab it today. :mrgreen:

Edit -

Example domains
As described in RFC 2606 and RFC 6761, a number of domains such as example.com and example.org are maintained for documentation purposes. These domains may be used as illustrative examples in documents without prior coordination with us. They are not available for registration or transfer.

User avatar
SorenR
Senior user
Senior user
Posts: 3190
Joined: 2006-08-21 15:38
Location: Denmark

Re: hMailServer 5.7

Post by SorenR » 2019-10-18 22:00

palinka wrote:
2019-10-18 17:46
The HELOs immuniweb use are mail.example.com and openssl.client.net - every one of them got hit by Spamhaus. Client.net exists but its not part of immuniweb and example.com has no A record at all. Probably reserved or something. If not, I'll grab it today. :mrgreen:

Edit -

Example domains
As described in RFC 2606 and RFC 6761, a number of domains such as example.com and example.org are maintained for documentation purposes. These domains may be used as illustrative examples in documents without prior coordination with us. They are not available for registration or transfer.
Huh ???

Code: Select all

1692		"2019-10-18 13:26:50.878"	"--- Connect ---	70.38.27.252    	25 	                	f10.immuniweb.com"
3160		"2019-10-18 13:26:50.878"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
1692		"2019-10-18 13:26:50.878"	"IDS Add        	70.38.27.252"
3160		"2019-10-18 13:26:50.878"	"IDS Add        	64.15.129.117"
148		"2019-10-18 13:27:00.253"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
148		"2019-10-18 13:27:00.253"	"IDS Add        	64.15.129.117"
1720		"2019-10-18 13:27:10.437"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
1720		"2019-10-18 13:27:10.453"	"IDS Add        	64.15.129.102"
3448		"2019-10-18 13:27:20.609"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3448		"2019-10-18 13:27:20.609"	"IDS Add        	72.55.136.156"
148		"2019-10-18 13:27:31.328"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
148		"2019-10-18 13:27:31.328"	"IDS Add        	64.15.129.117"
3448		"2019-10-18 13:27:40.484"	"--- Connect ---	192.175.111.228 	25 	                	f01.immuniweb.com"
3448		"2019-10-18 13:27:40.500"	"IDS Add        	192.175.111.228"
1720		"2019-10-18 13:27:50.671"	"--- Connect ---	192.175.111.233 	25 	                	f12.immuniweb.com"
1720		"2019-10-18 13:27:50.671"	"IDS Add        	192.175.111.233"
1692		"2019-10-18 13:28:00.671"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
1692		"2019-10-18 13:28:00.687"	"IDS Add        	64.15.129.119"
3160		"2019-10-18 13:28:10.671"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
3160		"2019-10-18 13:28:10.671"	"IDS Add        	192.175.111.240"
148		"2019-10-18 13:28:21.390"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
148		"2019-10-18 13:28:21.390"	"IDS Add        	64.15.129.119"
3160		"2019-10-18 13:28:30.437"	"--- Connect ---	192.175.111.233 	25 	                	f12.immuniweb.com"
3160		"2019-10-18 13:28:30.453"	"IDS Add        	192.175.111.233"
3448		"2019-10-18 13:28:40.859"	"--- Connect ---	70.38.27.248    	25 	                	f05.immuniweb.com"
3448		"2019-10-18 13:28:40.875"	"IDS Add        	70.38.27.248"
1692		"2019-10-18 13:28:50.500"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
1692		"2019-10-18 13:28:50.500"	"IDS Add        	64.15.129.119"
1720		"2019-10-18 13:28:53.156"	"--- Connect ---	47.254.178.255  	25"
1720		"2019-10-18 13:28:53.156"	"IDS Add        	47.254.178.255"
1720		"2019-10-18 13:28:53.218"	"SnowShoe       	47.254.178.255"
1720		"2019-10-18 13:28:54.703"	"DISCONNECT     	47.254.178.255"
1720		"2019-10-18 13:29:00.703"	"--- Connect ---	64.15.129.116   	25 	                	f17.immuniweb.com"
1720		"2019-10-18 13:29:00.703"	"IDS Add        	64.15.129.116"
3160		"2019-10-18 13:29:10.484"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3160		"2019-10-18 13:29:10.484"	"IDS Add        	72.55.136.156"
148		"2019-10-18 13:29:20.984"	"--- Connect ---	192.175.111.231 	25 	                	f11.immuniweb.com"
148		"2019-10-18 13:29:20.984"	"IDS Add        	192.175.111.231"
3160		"2019-10-18 13:29:30.562"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
3160		"2019-10-18 13:29:30.562"	"IDS Add        	64.15.129.117"
1692		"2019-10-18 13:29:40.546"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
1692		"2019-10-18 13:29:40.546"	"IDS Add        	192.175.111.240"
3448		"2019-10-18 13:29:50.562"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
3448		"2019-10-18 13:29:50.562"	"IDS Add        	64.15.129.117"
2900		"2019-10-18 13:30:00.496"	"IDS BAN        	64.15.129.117"
1720		"2019-10-18 13:30:00.812"	"--- Connect ---	64.15.129.106   	25 	                	f04.immuniweb.com"
1720		"2019-10-18 13:30:00.812"	"IDS Add        	64.15.129.106"
1720		"2019-10-18 13:30:11.777"	"--- Connect ---	192.175.111.252 	25 	                	f08.immuniweb.com"
1720		"2019-10-18 13:30:11.777"	"IDS Add        	192.175.111.252"
148		"2019-10-18 13:30:20.843"	"--- Connect ---	64.15.129.118   	25 	                	f19.immuniweb.com"
148		"2019-10-18 13:30:20.843"	"IDS Add        	64.15.129.118"
3160		"2019-10-18 13:30:30.636"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3160		"2019-10-18 13:30:30.636"	"IDS Add        	72.55.136.156"
3448		"2019-10-18 13:30:40.605"	"--- Connect ---	70.38.27.248    	25 	                	f05.immuniweb.com"
3448		"2019-10-18 13:30:40.621"	"IDS Add        	70.38.27.248"
1692		"2019-10-18 13:30:50.699"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
1692		"2019-10-18 13:30:50.699"	"IDS Add        	72.55.136.156"
3584		"2019-10-18 13:31:00.371"	"IDS BAN        	72.55.136.156"
148		"2019-10-18 13:31:01.199"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
148		"2019-10-18 13:31:01.199"	"IDS Add        	192.175.111.240"
3448		"2019-10-18 13:31:10.886"	"--- Connect ---	72.55.136.199   	25 	                	f07.immuniweb.com"
3448		"2019-10-18 13:31:10.902"	"IDS Add        	72.55.136.199"
1720		"2019-10-18 13:31:20.667"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
1720		"2019-10-18 13:31:20.667"	"IDS Add        	64.15.129.102"
1720		"2019-10-18 13:37:35.066"	"--- Connect ---	70.38.27.252    	465	                	f10.immuniweb.com"
3448		"2019-10-18 13:37:35.082"	"--- Connect ---	72.55.136.199   	465	                	f07.immuniweb.com"
1692		"2019-10-18 13:37:35.097"	"--- Connect ---	72.55.136.156   	465	                	f06.immuniweb.com"
3160		"2019-10-18 13:37:35.097"	"--- Connect ---	192.175.111.228 	465	                	f01.immuniweb.com"
1720		"2019-10-18 13:37:35.191"	"GEOBlock       	70.38.27.252    	   	                	SMTPS"
3448		"2019-10-18 13:37:35.191"	"GEOBlock       	72.55.136.199   	   	                	SMTPS"
1692		"2019-10-18 13:37:35.207"	"GEOBlock       	72.55.136.156   	   	                	SMTPS"
148		"2019-10-18 13:37:35.332"	"--- Connect ---	192.175.111.229 	465	                	f02.immuniweb.com"
148		"2019-10-18 13:37:35.394"	"GEOBlock       	192.175.111.229 	   	                	SMTPS"
148		"2019-10-18 13:37:37.300"	"DISCONNECT     	192.175.111.229"
1692		"2019-10-18 13:37:37.300"	"DISCONNECT     	72.55.136.156"
1720		"2019-10-18 13:37:37.300"	"DISCONNECT     	70.38.27.252"
3448		"2019-10-18 13:37:37.300"	"DISCONNECT     	72.55.136.199"
3160		"2019-10-18 13:37:37.316"	"GEOBlock       	192.175.111.228 	   	                	SMTPS"
148		"2019-10-18 13:37:37.332"	"--- Connect ---	192.175.111.231 	465	                	f11.immuniweb.com"
148		"2019-10-18 13:37:37.363"	"GEOBlock       	192.175.111.231 	   	                	SMTPS"
1692		"2019-10-18 13:37:37.582"	"--- Connect ---	192.175.111.242 	25 	                	f15.immuniweb.com"
1692		"2019-10-18 13:37:37.582"	"IDS Add        	192.175.111.242"
3448		"2019-10-18 13:37:37.613"	"--- Connect ---	192.175.111.241 	25 	                	f14.immuniweb.com"
3448		"2019-10-18 13:37:37.613"	"IDS Add        	192.175.111.241"
1720		"2019-10-18 13:37:38.925"	"--- Connect ---	192.175.111.243 	25 	                	f16.immuniweb.com"
1720		"2019-10-18 13:37:38.925"	"IDS Add        	192.175.111.243"
3160		"2019-10-18 13:37:49.660"	"DISCONNECT     	192.175.111.228"
3448		"2019-10-18 13:37:49.660"	"--- Connect ---	192.175.111.252 	25 	                	f08.immuniweb.com"
148		"2019-10-18 13:37:49.675"	"DISCONNECT     	192.175.111.231"
1720		"2019-10-18 13:37:49.675"	"--- Connect ---	64.15.129.106   	25 	                	f04.immuniweb.com"
1692		"2019-10-18 13:37:49.675"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
3448		"2019-10-18 13:37:49.675"	"IDS Add        	192.175.111.252"
1720		"2019-10-18 13:37:49.675"	"IDS Add        	64.15.129.106"
1692		"2019-10-18 13:37:49.675"	"IDS Add        	64.15.129.102"
148		"2019-10-18 13:37:49.785"	"WList HELO     	192.175.111.242 	   	                	f11.immuniweb.com"
148		"2019-10-18 13:37:49.800"	"WList HELO     	192.175.111.243 	   	                	f11.immuniweb.com"
3160		"2019-10-18 13:38:00.691"	"WList HELO     	192.175.111.241 	   	                	f11.immuniweb.com"
148		"2019-10-18 13:38:00.832"	"WList HELO     	64.15.129.102   	   	                	f11.immuniweb.com"
3448		"2019-10-18 13:38:00.832"	"WList HELO     	192.175.111.252 	   	                	f11.immuniweb.com"
1720		"2019-10-18 13:38:02.316"	"WList HELO     	64.15.129.106   	   	                	f11.immuniweb.com"
SørenR.

“With age comes wisdom, but sometimes age comes alone.”
- Oscar Wilde

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-18 23:25

SorenR wrote:
2019-10-18 22:00
palinka wrote:
2019-10-18 17:46
The HELOs immuniweb use are mail.example.com and openssl.client.net - every one of them got hit by Spamhaus. Client.net exists but its not part of immuniweb and example.com has no A record at all. Probably reserved or something. If not, I'll grab it today. :mrgreen:

Edit -

Example domains
As described in RFC 2606 and RFC 6761, a number of domains such as example.com and example.org are maintained for documentation purposes. These domains may be used as illustrative examples in documents without prior coordination with us. They are not available for registration or transfer.
Huh ???

Code: Select all

1692		"2019-10-18 13:26:50.878"	"--- Connect ---	70.38.27.252    	25 	                	f10.immuniweb.com"
3160		"2019-10-18 13:26:50.878"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
1692		"2019-10-18 13:26:50.878"	"IDS Add        	70.38.27.252"
3160		"2019-10-18 13:26:50.878"	"IDS Add        	64.15.129.117"
148		"2019-10-18 13:27:00.253"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
148		"2019-10-18 13:27:00.253"	"IDS Add        	64.15.129.117"
1720		"2019-10-18 13:27:10.437"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
1720		"2019-10-18 13:27:10.453"	"IDS Add        	64.15.129.102"
3448		"2019-10-18 13:27:20.609"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3448		"2019-10-18 13:27:20.609"	"IDS Add        	72.55.136.156"
148		"2019-10-18 13:27:31.328"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
148		"2019-10-18 13:27:31.328"	"IDS Add        	64.15.129.117"
3448		"2019-10-18 13:27:40.484"	"--- Connect ---	192.175.111.228 	25 	                	f01.immuniweb.com"
3448		"2019-10-18 13:27:40.500"	"IDS Add        	192.175.111.228"
1720		"2019-10-18 13:27:50.671"	"--- Connect ---	192.175.111.233 	25 	                	f12.immuniweb.com"
1720		"2019-10-18 13:27:50.671"	"IDS Add        	192.175.111.233"
1692		"2019-10-18 13:28:00.671"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
1692		"2019-10-18 13:28:00.687"	"IDS Add        	64.15.129.119"
3160		"2019-10-18 13:28:10.671"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
3160		"2019-10-18 13:28:10.671"	"IDS Add        	192.175.111.240"
148		"2019-10-18 13:28:21.390"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
148		"2019-10-18 13:28:21.390"	"IDS Add        	64.15.129.119"
3160		"2019-10-18 13:28:30.437"	"--- Connect ---	192.175.111.233 	25 	                	f12.immuniweb.com"
3160		"2019-10-18 13:28:30.453"	"IDS Add        	192.175.111.233"
3448		"2019-10-18 13:28:40.859"	"--- Connect ---	70.38.27.248    	25 	                	f05.immuniweb.com"
3448		"2019-10-18 13:28:40.875"	"IDS Add        	70.38.27.248"
1692		"2019-10-18 13:28:50.500"	"--- Connect ---	64.15.129.119   	25 	                	f20.immuniweb.com"
1692		"2019-10-18 13:28:50.500"	"IDS Add        	64.15.129.119"
1720		"2019-10-18 13:28:53.156"	"--- Connect ---	47.254.178.255  	25"
1720		"2019-10-18 13:28:53.156"	"IDS Add        	47.254.178.255"
1720		"2019-10-18 13:28:53.218"	"SnowShoe       	47.254.178.255"
1720		"2019-10-18 13:28:54.703"	"DISCONNECT     	47.254.178.255"
1720		"2019-10-18 13:29:00.703"	"--- Connect ---	64.15.129.116   	25 	                	f17.immuniweb.com"
1720		"2019-10-18 13:29:00.703"	"IDS Add        	64.15.129.116"
3160		"2019-10-18 13:29:10.484"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3160		"2019-10-18 13:29:10.484"	"IDS Add        	72.55.136.156"
148		"2019-10-18 13:29:20.984"	"--- Connect ---	192.175.111.231 	25 	                	f11.immuniweb.com"
148		"2019-10-18 13:29:20.984"	"IDS Add        	192.175.111.231"
3160		"2019-10-18 13:29:30.562"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
3160		"2019-10-18 13:29:30.562"	"IDS Add        	64.15.129.117"
1692		"2019-10-18 13:29:40.546"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
1692		"2019-10-18 13:29:40.546"	"IDS Add        	192.175.111.240"
3448		"2019-10-18 13:29:50.562"	"--- Connect ---	64.15.129.117   	25 	                	f18.immuniweb.com"
3448		"2019-10-18 13:29:50.562"	"IDS Add        	64.15.129.117"
2900		"2019-10-18 13:30:00.496"	"IDS BAN        	64.15.129.117"
1720		"2019-10-18 13:30:00.812"	"--- Connect ---	64.15.129.106   	25 	                	f04.immuniweb.com"
1720		"2019-10-18 13:30:00.812"	"IDS Add        	64.15.129.106"
1720		"2019-10-18 13:30:11.777"	"--- Connect ---	192.175.111.252 	25 	                	f08.immuniweb.com"
1720		"2019-10-18 13:30:11.777"	"IDS Add        	192.175.111.252"
148		"2019-10-18 13:30:20.843"	"--- Connect ---	64.15.129.118   	25 	                	f19.immuniweb.com"
148		"2019-10-18 13:30:20.843"	"IDS Add        	64.15.129.118"
3160		"2019-10-18 13:30:30.636"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
3160		"2019-10-18 13:30:30.636"	"IDS Add        	72.55.136.156"
3448		"2019-10-18 13:30:40.605"	"--- Connect ---	70.38.27.248    	25 	                	f05.immuniweb.com"
3448		"2019-10-18 13:30:40.621"	"IDS Add        	70.38.27.248"
1692		"2019-10-18 13:30:50.699"	"--- Connect ---	72.55.136.156   	25 	                	f06.immuniweb.com"
1692		"2019-10-18 13:30:50.699"	"IDS Add        	72.55.136.156"
3584		"2019-10-18 13:31:00.371"	"IDS BAN        	72.55.136.156"
148		"2019-10-18 13:31:01.199"	"--- Connect ---	192.175.111.240 	25 	                	f13.immuniweb.com"
148		"2019-10-18 13:31:01.199"	"IDS Add        	192.175.111.240"
3448		"2019-10-18 13:31:10.886"	"--- Connect ---	72.55.136.199   	25 	                	f07.immuniweb.com"
3448		"2019-10-18 13:31:10.902"	"IDS Add        	72.55.136.199"
1720		"2019-10-18 13:31:20.667"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
1720		"2019-10-18 13:31:20.667"	"IDS Add        	64.15.129.102"
1720		"2019-10-18 13:37:35.066"	"--- Connect ---	70.38.27.252    	465	                	f10.immuniweb.com"
3448		"2019-10-18 13:37:35.082"	"--- Connect ---	72.55.136.199   	465	                	f07.immuniweb.com"
1692		"2019-10-18 13:37:35.097"	"--- Connect ---	72.55.136.156   	465	                	f06.immuniweb.com"
3160		"2019-10-18 13:37:35.097"	"--- Connect ---	192.175.111.228 	465	                	f01.immuniweb.com"
1720		"2019-10-18 13:37:35.191"	"GEOBlock       	70.38.27.252    	   	                	SMTPS"
3448		"2019-10-18 13:37:35.191"	"GEOBlock       	72.55.136.199   	   	                	SMTPS"
1692		"2019-10-18 13:37:35.207"	"GEOBlock       	72.55.136.156   	   	                	SMTPS"
148		"2019-10-18 13:37:35.332"	"--- Connect ---	192.175.111.229 	465	                	f02.immuniweb.com"
148		"2019-10-18 13:37:35.394"	"GEOBlock       	192.175.111.229 	   	                	SMTPS"
148		"2019-10-18 13:37:37.300"	"DISCONNECT     	192.175.111.229"
1692		"2019-10-18 13:37:37.300"	"DISCONNECT     	72.55.136.156"
1720		"2019-10-18 13:37:37.300"	"DISCONNECT     	70.38.27.252"
3448		"2019-10-18 13:37:37.300"	"DISCONNECT     	72.55.136.199"
3160		"2019-10-18 13:37:37.316"	"GEOBlock       	192.175.111.228 	   	                	SMTPS"
148		"2019-10-18 13:37:37.332"	"--- Connect ---	192.175.111.231 	465	                	f11.immuniweb.com"
148		"2019-10-18 13:37:37.363"	"GEOBlock       	192.175.111.231 	   	                	SMTPS"
1692		"2019-10-18 13:37:37.582"	"--- Connect ---	192.175.111.242 	25 	                	f15.immuniweb.com"
1692		"2019-10-18 13:37:37.582"	"IDS Add        	192.175.111.242"
3448		"2019-10-18 13:37:37.613"	"--- Connect ---	192.175.111.241 	25 	                	f14.immuniweb.com"
3448		"2019-10-18 13:37:37.613"	"IDS Add        	192.175.111.241"
1720		"2019-10-18 13:37:38.925"	"--- Connect ---	192.175.111.243 	25 	                	f16.immuniweb.com"
1720		"2019-10-18 13:37:38.925"	"IDS Add        	192.175.111.243"
3160		"2019-10-18 13:37:49.660"	"DISCONNECT     	192.175.111.228"
3448		"2019-10-18 13:37:49.660"	"--- Connect ---	192.175.111.252 	25 	                	f08.immuniweb.com"
148		"2019-10-18 13:37:49.675"	"DISCONNECT     	192.175.111.231"
1720		"2019-10-18 13:37:49.675"	"--- Connect ---	64.15.129.106   	25 	                	f04.immuniweb.com"
1692		"2019-10-18 13:37:49.675"	"--- Connect ---	64.15.129.102   	25 	                	f03.immuniweb.com"
3448		"2019-10-18 13:37:49.675"	"IDS Add        	192.175.111.252"
1720		"2019-10-18 13:37:49.675"	"IDS Add        	64.15.129.106"
1692		"2019-10-18 13:37:49.675"	"IDS Add        	64.15.129.102"
148		"2019-10-18 13:37:49.785"	"WList HELO     	192.175.111.242 	   	                	f11.immuniweb.com"
148		"2019-10-18 13:37:49.800"	"WList HELO     	192.175.111.243 	   	                	f11.immuniweb.com"
3160		"2019-10-18 13:38:00.691"	"WList HELO     	192.175.111.241 	   	                	f11.immuniweb.com"
148		"2019-10-18 13:38:00.832"	"WList HELO     	64.15.129.102   	   	                	f11.immuniweb.com"
3448		"2019-10-18 13:38:00.832"	"WList HELO     	192.175.111.252 	   	                	f11.immuniweb.com"
1720		"2019-10-18 13:38:02.316"	"WList HELO     	64.15.129.106   	   	                	f11.immuniweb.com"
HELO = oClient.HELO grabbed from OnHELO. Is there another?


Screenshot_20191018-172222_Brave.jpg

That also explains the note from Spamhaus:
SOFTWARE NOTES:
NEW: If you are using a TLS scanner or some other mechanism to check TLS settings of mail servers based on openssl, change the HELO value to something reasonable (the reverse-DNS of your IP address is usually a good idea) instead of the default in the openssl command line.

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-18 23:35

SorenR wrote:
2019-10-18 22:00
Huh ???
Never mind. I see what you're doing. Very sneaky. :) You're using PTR lookup, not HELO. I tested one of their IPs and it returned what you'd shown.

Code: Select all

C:\Users\palinka>nslookup 70.38.27.252
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    f10.immuniweb.com
Address:  70.38.27.252
But that's not what they present for HELO on these tests, or scanning or whatever they were doing that got them PERMANENTLY FIREWALL BANNED!!!!!! :mrgreen:

User avatar
SorenR
Senior user
Senior user
Posts: 3190
Joined: 2006-08-21 15:38
Location: Denmark

Re: hMailServer 5.7

Post by SorenR » 2019-10-19 00:32

palinka wrote:
2019-10-18 23:35
SorenR wrote:
2019-10-18 22:00
Huh ???
Never mind. I see what you're doing. Very sneaky. :) You're using PTR lookup, not HELO. I tested one of their IPs and it returned what you'd shown.

Code: Select all

C:\Users\palinka>nslookup 70.38.27.252
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    f10.immuniweb.com
Address:  70.38.27.252
But that's not what they present for HELO on these tests, or scanning or whatever they were doing that got them PERMANENTLY FIREWALL BANNED!!!!!! :mrgreen:
Last 6 lines in that log are HELO's. I had to whitelist HELO = (.*\.immuniweb\.com) to allow it to test but it eventually failed on the GEOIP for IMAPS and SMTPS. I have not edited the log, it is one section cut'n paste.

I have no trace of the HELO's you saw in any of my logs.
SørenR.

“With age comes wisdom, but sometimes age comes alone.”
- Oscar Wilde

palinka
Senior user
Senior user
Posts: 1110
Joined: 2017-09-12 17:57

Re: hMailServer 5.7

Post by palinka » 2019-10-19 01:29

SorenR wrote:
2019-10-19 00:32
Last 6 lines in that log are HELO's. I had to whitelist HELO = (.*\.immuniweb\.com) to allow it to test but it eventually failed on the GEOIP for IMAPS and SMTPS. I have not edited the log, it is one section cut'n paste.

I have no trace of the HELO's you saw in any of my logs.
Weird. That's what i got for oClient.HELO. The HELOs didn't trip spamhaus - the IPs did.

User avatar
SorenR
Senior user
Senior user
Posts: 3190
Joined: 2006-08-21 15:38
Location: Denmark

Re: hMailServer 5.7

Post by SorenR » 2019-10-19 01:41

palinka wrote:
2019-10-19 01:29
SorenR wrote:
2019-10-19 00:32
Last 6 lines in that log are HELO's. I had to whitelist HELO = (.*\.immuniweb\.com) to allow it to test but it eventually failed on the GEOIP for IMAPS and SMTPS. I have not edited the log, it is one section cut'n paste.

I have no trace of the HELO's you saw in any of my logs.
Weird. That's what i got for oClient.HELO. The HELOs didn't trip spamhaus - the IPs did.
They didnt get that far on my server since I don't do StartTLS. Anyways, I have "DNSBLChecksAfterMailFrom=0" in my .ini so RBL's are not checked until after "RECEIVED: RCPT TO:".
SørenR.

“With age comes wisdom, but sometimes age comes alone.”
- Oscar Wilde

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-19 02:59

Dravion wrote:
2019-10-18 07:09
It's hard to see for me on which website you running your Test, can you just copy and paste it into your next reply?

For Webservers i use Qualys SSL testing, but i wasnt aware there is sometibg availabe for Mailservers to :)
I do these fairly routinely

Mailserver
https://dkimvalidator.com/
https://ssl-tools.net/mailservers
https://www.immuniweb.com
https://mecsa.jrc.ec.europa.eu/en/
https://luxsci.com/smtp-tls-checker

Website
https://observatory.mozilla.org/
https://www.ssllabs.com/ssltest/
https://www.immuniweb.com

I find the Mozilla one very harsh, but the others I mostly do well with
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-19 03:03

Changed my cipher suite in hMailserver to this and got an A+, with green for PCI, HIPAA and NIST

Code: Select all

TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA38:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256
:mrgreen: :mrgreen:
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-19 06:04

Also found this statement today

https://blog.pcisecuritystandards.org/a ... -early-tls

If you have an EFTPOS machine on your network, or accept payments on your website, you need to have met this (in most countries)
30 June 2018 is the deadline for disabling SSL/early TLS and implementing a more secure encryption protocol – TLS 1.1 or higher (TLS v1.2 is strongly encouraged) in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

shar0119
New user
New user
Posts: 9
Joined: 2014-11-05 23:18

Re: hMailServer 5.7

Post by shar0119 » 2019-10-20 21:06

Do I have to uninstall the x86 version to install the 64 bit version or will the install of 64 bit just take over the existing hMailServer windows service after install? I am hoping to install it on the same machine and if possible so its easier for the 64 bit version to have access to the data folder.

User avatar
mattg
Moderator
Moderator
Posts: 20134
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: hMailServer 5.7

Post by mattg » 2019-10-21 00:39

THIS IS AN ALPHA version
This is NOT recommended on production machines

You should backup your entire system prior to upgrade, you should test this multiple times and provide feedback about your experiences.


You just install over the top of an existing hMailserver, like any other upgrade
(When I moved very early on I had to find the correct database connector for my choice of database - but I think that is included in the current builds)
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

tolberjj
New user
New user
Posts: 12
Joined: 2019-10-15 20:09

Re: hMailServer 5.7

Post by tolberjj » 2019-10-21 20:39

One more table that could use a pk for mysql 8 innodb clusters. This prevents autoban from working.

create table hm_logon_failures
(
logonfailid int auto_increment not null, primary key(`logonfailid`), unique(`logonfailid`),
ipaddress1 bigint not null,
ipaddress2 bigint null,
failuretime datetime not null
) DEFAULT CHARSET=utf8;

Post Reply