Hardening hMailServer - The ongoing saga!

[CraigT]

SorenR(or other guru) are there any rules around the ODBC driver that has to be installed for either the 64/32-bit driver in Part 3 or doesn't it matter. If everything is 64-bit obviously use the 64-bit driver, but if hMail is 32-bit using 32-bit mysql.dll and MySQL is V8.x(64-bit) should I stick with the 32-bit driver or we don't care.

[SorenR]

SorenR(or other guru) are there any rules around the ODBC driver that has to be installed for either the 64/32-bit driver in Part 3 or doesn't it matter. If everything is 64-bit obviously use the 64-bit driver, but if hMail is 32-bit using 32-bit mysql.dll and MySQL is V8.x(64-bit) should I stick with the 32-bit driver or we don't care.

I'm still running 32-bit on my old server but as far as I can read, your driver need to follow your database, however there are other issues with the latest versions of MySQL. Perhaps MariaDB is worth looking into

[palinka]

Perhaps MariaDB is worth looking into

+1

32bit ODBC required for 32bit hmailserver. Its a pain in the rear to sort out. MariaDB has (I think) only one connector (32/64).

[CraigT]

Got it. Thanks guys. Waiting on the 64-bit hMailserver for a production server to do the update so everything is 64-bit, but Soren's scripts are too good to pass up, as the server seems to have an attraction to "sheskyhigh" and "blueskyhotel" plus a few others just connecting and dropping out. Plus it will make the log file much shorter.

[RvdH]

Just an idea, might prevent genuine user to be listed in IDS which experience unexpected timeouts or the alike

Code: Select all

Sub OnClientLogon(oClient)
	If oClient.Authenticated then
		REM Unregister IP address from IDS registry
		Call idsDelIP(oClient.IPAddress)
	End if
End Sub

[SorenR]

Just an idea, might prevent genuine user to be listed in IDS which experience unexpected timeouts or the alike

Code: Select all

Sub OnClientLogon(oClient)
	If oClient.Authenticated then
		REM Unregister IP address from IDS registry
		Call idsDelIP(oClient.IPAddress)
	End if
End Sub

Have you checked how many times IMAP authenticate during a session ?

The idea is to check SMTP traffic only and the IP is registered in OnClientConnect and unregistered in OnAcceptMessage. I have not had one false positive since I introduced it in my script over 1 years ago.

[RvdH]

Just an idea, might prevent genuine user to be listed in IDS which experience unexpected timeouts or the alike

Code: Select all

Sub OnClientLogon(oClient)
	If oClient.Authenticated then
		REM Unregister IP address from IDS registry
		Call idsDelIP(oClient.IPAddress)
	End if
End Sub

Have you checked how many times IMAP authenticate during a session ?

The idea is to check SMTP traffic only and the IP is registered in OnClientConnect and unregistered in OnAcceptMessage. I have not had one false positive since I introduced it in my script over 1 years ago.

Quite often, but that check will take maybe 000.1 second, especially when it doesn't exist....but you also could specify ports or just ignore the suggestion
I know i will utilize it

[udgesbou]

Heyho,
i'm running a hMailServer on a Window-Server and i want to use this scripts:

#2 How to only allow client access from specific GEO locations. --> viewtopic.php?p=209543#p209543

#3 How to stop the annoying half-connections from BOT's and misconfigured spammers. --> viewtopic.php?p=209545#p209545

I found the "Scripts"-Button in "Advanced"-Settings, but i'm new in hMailServer and i don't know how to implement the scripts to my Server
I hope you can help me or show me a tutorial for that.

Thanks in advance.

Greetings
Colin

[mattg]

basic scripting here >> https://www.hmailserver.com/documentati ... ce_scripts

[udgesbou]

Thanks for your reply!

So if i want to implement this Script "#2 How to only allow client access from specific GEO locations." my "EventHandlers.vbs" should look like this?

Code: Select all

Option Explicit

'******************************************************************************************************************************
'********** Settings                                                                                                 **********
'******************************************************************************************************************************

'
'   COM authentication
'
Private Const ADMIN = "Administrator"
Private Const PASSWORD = "########"

'******************************************************************************************************************************
'********** Functions                                                                                                **********
'******************************************************************************************************************************


Function GeoLookup(strIP) : GeoLookup = "zz"
   Dim a, element, group, strLookup
   a = Split(strIP, ".")
   With CreateObject("DNSLibrary.DNSResolver")
      strLookup = .TXT(a(3) & "." & a(2) & "." & a(1) & "." & a(0) & ".zz.countries.nerd.dk")
   End With
   If Trim(strLookup) = "" Then
      EventLog.Write( "- GeoLookup(" & strIP & ") = " & GeoLookup )
      Exit Function
   End If
   group = Split(strLookup, vbCrLf)
   If UBound(group) > 0 Then
      For Each element In group
         If (Trim(element) <> "") Then EventLog.Write( "- GeoLookup(" & strIP & ") = " & element )
      Next
   Else
      GeoLookup = group(0)
   End If
End Function

'******************************************************************************************************************************
'********** hMailServer Triggers                                                                                     **********
'******************************************************************************************************************************
Sub OnClientConnect(oClient)
 '
   '   Exclude local LAN from test
   '
   If (Left(oClient.IPAddress, 10) = "192.168.0.") Then Exit Sub
   '
   '   Only allow non-SMTP connect from "Rigsfællesskabet"/"Naalagaaffeqatigiit"/"Ríkisfelagsskapurin" = The Danish Realm.
   '   zz = N/A, dk = Denmark, gl = Greenland, fo = Faroe Islands
   '
   If (oClient.Port <> 25) Then
      If (InStr("|dk|gl|fo|", GeoLookup(oClient.IPAddress)) = 0) Then
         Result.Value = 1
         Exit Sub
      End If
   End If
End Sub

'   Sub OnSMTPData(oClient, oMessage)
'   End Sub

'   Sub OnAcceptMessage(oClient, oMessage)
'   End Sub

'   Sub OnDeliveryStart(oMessage)
'   End Sub

'   Sub OnDeliverMessage(oMessage)
'   End Sub

'   Sub OnBackupFailed(sReason)
'   End Sub

'   Sub OnBackupCompleted()
'   End Sub

'   Sub OnError(iSeverity, iCode, sSource, sDescription)
'   End Sub

'   Sub OnDeliveryFailed(oMessage, sRecipient, sErrorMessage)
'   End Sub

'   Sub OnExternalAccountDownload(oFetchAccount, oMessage, sRemoteUID)
'   End Sub

Which data must i enter here?

Code: Select all

Private Const ADMIN = "Administrator"
Private Const PASSWORD = "########"

And where can i get the "codes" for germany, so that i can only connect from german country / ip?


Thanks in advance!


Greetings

[mattg]

Which data must i enter here?

Code: Select all

Private Const ADMIN = "Administrator"
Private Const PASSWORD = "########"

The admin user MUST be = 'Administrator"
The PASSWORD is your hMailserver admin GUI password

And where can i get the "codes" for germany, so that i can only connect from german country / ip?

Germany is 127.0.1.20

[udgesbou]

And where can i get the "codes" for germany, so that i can only connect from german country / ip?

Germany is 127.0.1.20

Okay, and where do I have to put that into the script?

Greetings

[RvdH]

Okay, and where do I have to put that into the script?

Greetings

Maybe simply look at the examples given/quoted?