server receives messages addressed to wrong domain

antons
New user
Posts: 16
Joined: 2016-01-18 12:46

Post by antons » 2018-11-01 08:43

Hello!

hMailServer on Windows Server 2003 R2, one mail domain.
Everything works as expected, but I have an issue related to spam messages.

Users in my domain receive spam messages addressed to a user that does not exist on the server. The messages are addressed to a user in ANOTHER domain. Maybe it is some spam technology, I don't know.

For instance, user@mydomain.com receives a message originally addressed to someanotheruser@anotherdomain.com.

Maybe somebody can explain this? What is the remedy?

The SpamAssassin score in my configuration is not always high enough to mark these messages as spam.
______________________________
X-Spam-Status: No, score=2.4 required=5.0 tests=BAYES_00,HK_NAME_DRUGS,
HTML_FONT_FACE_BAD,HTML_IMAGE_ONLY_24,HTML_IMAGE_RATIO_02,HTML_MESSAGE,
MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,URIBL_BLACK autolearn=no
autolearn_force=no version=3.4.0
Received: from mail.oxizone.eu (mail.oxizone.eu [46.249.59.89])
by mail.mydomain.com with ESMTP
; Tue, 30 Oct 2018 19:34:40 +0200
Received: from oxizone.eu (p1009.serv-dns.ru [5.188.204.57])
by mail.oxizone.eu (Postfix) with ESMTPA id 89FAE236B3;
Tue, 30 Oct 2018 19:32:41 +0200 (EET)
Message-ID: <adridrt27744576.72562082@mail.oxizone.eu>
Reply-To: "Sieviesu Viagra" <adridrt@oxizone.eu>
From: "Sieviesu Viagra" <adridrt@oxizone.eu>
To: <d.nikitjuk@anotherdomain.com>
Subject: =?utf-8?B?S8SBIHNpZXZpZXRpIHBhdmVzdCB0aWthaSAxNSBtaW7Fq3Rlcw==?=
Date: Tue, 30 Oct 2018 19:31:13 +0200
MIME-Version: 1.0
___________________________________

Thank you.

jimimaseye
Moderator
Posts: 9076
Joined: 2011-09-08 17:48

Re: server receives messages addressed to wrong domain

Post by jimimaseye » 2018-11-01 08:49

Run this and post the results: viewtopic.php?f=20&t=30914
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

antons
New user
Posts: 16
Joined: 2016-01-18 12:46

Re: server receives messages addressed to wrong domain

Post by antons » 2018-11-01 09:26

Thank you for the fast response.
I will do it later, because I'm not at the server's location right now.

antons
New user
Posts: 16
Joined: 2016-01-18 12:46

Re: server receives messages addressed to wrong domain

Post by antons » 2018-11-01 18:56

Diagnostics report:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Code:

2018-11-01   Hmailserver: 5.6.4-B2283

DOMAINS

   "Domain1.com" - baxxxxxx.lv                    Enabled: True
      |- "Alias1.com" - maxx.baxxxxxx.lv

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting: !! ENABLED BUT NOT ACTIVATED!!
-----------------------------------------------------------------------------------------------

IP RANGES

IP: 89.46.77.51 - 89.46.77.51     Priority: 1000     Name: block 3

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 185.165.173.17 - 185.165.173.17     Priority: 1000     Name: block 31

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 23.227.199.123 - 23.227.199.123     Priority: 1000     Name: block2

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 192.168.3.1 - 192.168.3.254     Priority: 100     Name: local

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:  False
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 84.241.26.240 - 84.241.26.240     Priority: 25     Name: 84.241.26.240

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:     True


IP: 91.200.12.13 - 91.200.12.13     Priority: 25     Name: 91.200.12.13

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:     True


IP: 91.200.12.203 - 91.200.12.204     Priority: 25     Name: 91.200.12.203

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:     True


IP: 185.77.131.195 - 185.77.131.195     Priority: 25     Name: block

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 157.122.148.249 - 157.122.148.249     Priority: 25     Name: blocl

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 78.6.17.238 - 78.6.17.238     Priority: 25     Name: spams

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:    False


IP: 93.109.247.74 - 93.109.247.74     Priority: 25     Name: spams2

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:    False


IP: 113.168.66.183 - 113.168.66.183     Priority: 25     Name: spams3

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:   True
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 51.174.217.114 - 51.174.217.114     Priority: 25     Name: test

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:     True


IP: 91.200.12.65 - 91.200.12.130     Priority: 25     Name: test1

  Allow connections                         Other
     SMTP:  False                              Antispam :   True
     POP3:  False                              Antivirus:   True
     IMAP:  False                              SSL/TLS:     True


IP: 127.0.0.1 - 127.0.0.1     Priority: 15     Name: My computer

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:   True
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    - False
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow connections                         Other
     SMTP:   True                              Antispam :   True
     POP3:   True                              Antivirus:   True
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External - False           


IP: 157.122.148.150 - 157.122.148.150     Priority: 0     Name: block1

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


   !!  Warning:  DEFAULT DOMAIN is SET  !! - "Domain1.com"
------------------------------------------------------
AUTOBANNED Local Addresses:
    No entries

-----------------------------------------------------------------------------------------------

AUTOBAN
  Autoban Enabled: True       Max invalid logon attempts:      5
                              Minutes Before Reset:           30  (0,50 hours, 0,02 days)
                              Minutes to Autoban:             60  (1,00 hours, 0,04 days)

There is a total of 3 auto-ban IP ranges.
-----------------------------------------------------------------------------------------------

INCOMING RELAYS
   No entries
-----------------------------------------------------------------------------------------------

MIRRORING         Disabled
-----------------------------------------------------------------------------------------------

PROTOCOLS

SMTP
GENERAL             DELIVERY                  RFC COMPLIANCE            ADVANCED
No. Connections:  0  No Retries:  4 Mins: 60   Plain Text:         True  Bind: 
                     Host: Alias1.com          Empty sender:       True  Batch recipients:   100
Max Msg Size: 35000  Relay:-                   Incorrect endings:  True  Use STARTTLS:      True
                     (none entered)            Disc. on invalid:   True  Delivered-To hdr: False
                                               Max number commands: 100  Loop limit:           5
                                                                         Recipient hosts:     15
  Routes:
     No routes defined.

POP3
  No. Connections: 0

IMAP
 GENERAL                   PUBLIC FOLDERS                    ADVANCED
  No. Connections:   0      Public folder name: #Public       IMAP sort:  True
                                                              IMAP Quota: True
                                                              IMAP Idle:  True
                                                              IMAP ACL:   True
                                                              Delim: "."
-----------------------------------------------------------------------------------------------

ANTISPAM

GENERAL                              SPAM TESTS              Score   SPAMASSASSIN
  Spam Mark:                  5       Use SPF:            True - 3    Use Spamassassin:    True
  Add X-HmailServer-Spam:     True    Check HELO host:    True - 2    Hostname:       127.0.0.1
  Add X-HmailServer-Reason:   True    Check MX records:   True - 2    Port:                 783
  Add X-HmailServer-Subject: False    Verify DKIM:       False        Use SA score:        True

  Spam delete threshold: 20         Maximum message size: 1024

DNSBL ENTRIES:
                  zen.spamhaus.org      Score: 3     Result: 127.0.0.2-8|127.0.0.10-11
                    bl.spamcop.net      Score: 3     Result: 127.0.0.2

SURBL ENTRIES:
                   multi.surbl.org      Score: 3

GREYLISTING:
  Greylisting:  False

WHITELISTING
              0.0.0.0            to    255.255.255.255              edgarsgabranovs[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              logjuzino[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              serdolik9[@t]mail[dot]ru
              0.0.0.0            to    255.255.255.255              rekava-anita[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              valentina[dot]fedulova[@t]balvi[dot]lv
              0.0.0.0            to    255.255.255.255              orders[@t]janus[dot]lv
              0.0.0.0            to    255.255.255.255              konivalei[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              kupravasbiblioteka[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              tilzasbiblioteka[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              lazdukalnabiblioteka[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              inese[dot]kocane[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              ineska9[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              ainabis[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              santexrekini[@t]apollo[dot]lv
              0.0.0.0            to    255.255.255.255              li/_git[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              anna[dot]griestina[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              kubulubiblioteka[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              sandra[dot]locmele[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              aparesilvija[@t]inbox[dot]lv
              0.0.0.0            to    255.255.255.255              inwestsport[@t]tut[dot]by
              0.0.0.0            to    255.255.255.255              kkp[@t]kkplatvija[dot]lv
              0.0.0.0            to    255.255.255.255              peipsi_project[@t]yahoo[dot]com
-----------------------------------------------------------------------------------------------

ANTIVIRUS

GENERAL:
  When found - Delete email. Notify Sender: True,  Notify Receiver: False

  Max Message Size: 1024
     CLAM AV:   True       Hostname: localhost    Port: 3310
     CLAMWIN:   False
     CUSTOMAV:  False

  Block Attachments: True
               *.bat             Batch processing file
               *.cab             Cab pielikumi
               *.cmd             Command file for Windows NT
               *.com             Command
               *.cpl             Windows Control Panel extension
               *.csh             CSH script
               *.doc.zip         Banku viruss
               *.exe             Executable file
               *.inf             Setup file
               *.lnk             Windows link file
               *.msi             Windows Installer file
               *.msp             Windows Installer patch
               *.reg             Registration key
               *.scf             Windows Explorer command
               *.scr             Windows Screen saver
               *docm             Cryptovirus
-----------------------------------------------------------------------------------------------

SSL CERTIFICATES
   No entries
-----------------------------------------------------------------------------------------------

SSL/TLS
             SSL 3.0 :   True
             TLS 1.0 :   True
             TLS 1.1 :   True
             TLS 1.2 :   True                Verify Remote SSL/TLS Certs:   True
SslCipherList  :

ECDHE-RSA-AES128-GCM-SHA256     - ECDHE-ECDSA-AES128-GCM-SHA256   - ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384   - DHE-RSA-AES128-GCM-SHA256       - DHE-DSS-AES128-GCM-SHA256
kEDH+AESGCM                     - ECDHE-RSA-AES128-SHA256         - ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA            - ECDHE-ECDSA-AES128-SHA          - ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384       - ECDHE-RSA-AES256-SHA            - ECDHE-ECDSA-AES256-SHA
DHE-RSA-AES128-SHA256           - DHE-RSA-AES128-SHA              - DHE-DSS-AES128-SHA256
DHE-RSA-AES256-SHA256           - DHE-DSS-AES256-SHA              - DHE-RSA-AES256-SHA
AES128-GCM-SHA256               - AES256-GCM-SHA384               - ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA             - AES128                          - AES256
RC4-SHA                         - HIGH                            - !aNULL
!eNULL                          - !EXPORT                         - !DES
!3DES                           - !MD5                            - !PSK;
-----------------------------------------------------------------------------------------------

TCPIP PORTS                                         Connection Sec
               192.168.3.54    / 25    / SMTP   -   None                
               192.168.3.54    / 110   / POP3   -   None                
               192.168.3.54    / 5900  / IMAP   -   None                
-----------------------------------------------------------------------------------------------

LOGGING      Logging Enabled: True

  Paths:-
    Current:  C:\Program Files\hMailServer\Logs\hmailserver_2018-11-01.log
    Error:    C:\Program Files\hMailServer\Logs\ERROR_hmailserver_2018-11-01.log
    Event:    C:\Program Files\hMailServer\Logs\hmailserver_events.log - Not present
    Awstats:  C:\Program Files\hMailServer\Logs\hmailserver_awstats.log
                        APPLICATION -    True
                        SMTP        -    True
                        POP3        -      .
                        IMAP        -    True
                        TCPIP       -    True
                        DEBUG       -      .
                        AWSTATS     -      .
-----------------------------------------------------------------------------------------------

SYSTEM TESTS

Database type: MSSQL Compact

IPv6 support is not available in operating system.

ERROR: Backup directory E:\hmailserver is not writable.

Relative message paths are stored in the database for all messages.

-----------------------------------------------------------------------------------------------

HMAILSERVER.INI

[Directories]
Program folder:  C:\Program Files\hMailServer\
Database folder: C:\Program Files\hMailServer\Database
Data folder:     C:\Program Files\hMailServer\Data
Log folder:      C:\Program Files\hMailServer\Logs
Temp folder:     C:\Program Files\hMailServer\Temp
Event folder:    C:\Program Files\hMailServer\Events

[Database]
Type=              MSSQLCE
Username=           
PasswordEncryption=1
Port=              0
Server=             
Internal=          1
-----------------------------------------------------------------------------------------------

Generated by HMSSettingsDiagnostics v1.92, Hmailserver Forum.

>>>>>>>>>>>>>>>>

jimimaseye
Moderator
Posts: 9076
Joined: 2011-09-08 17:48

Re: server receives messages addressed to wrong domain

Post by jimimaseye » 2018-11-01 21:13

This

Code:

IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
 
Set authentication to true.

Also unless you have a valid reason you should remove the default domain too

Code:

!! Warning: DEFAULT DOMAIN is SET !! - "Domain1.com"
[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829
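
An added example (not part of the posts above, and not code from hMailServer or HMSSettingsDiagnostics): a Python check over the IP RANGES section of a report in the layout posted in this thread. It lists ranges that reach public addresses and accept mail with a local sender address without authentication, which is the setting flagged in the reply above. Function names are illustrative, and the parsing assumes the report layout shown here.

```python
import ipaddress
import re

# Excerpt of two ranges from the report in this thread (connection rows omitted).
SAMPLE_REPORT = """\
IP: 192.168.3.1 - 192.168.3.254     Priority: 100     Name: local

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True

IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External - False
"""

# Networks treated as internal for this check (an assumption; adjust to the site).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
RANGE_RE = re.compile(
    r"^IP:\s*(\S+)\s*-\s*(\S+)\s+Priority:\s*(\d+)\s+Name:\s*(.+?)\s*$")
RULE_RE = re.compile(
    r"((?:Local|External) To (?:Local|External))\s*-\s*(True|False)")
# Directions in which the claimed sender is a local address.
LOCAL_SENDER = ("Local To Local", "Local To External")


def reaches_public(first, last):
    """True if any part of the range lies outside the INTERNAL networks."""
    nets = ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))
    return any(
        not any(n.version == i.version and n.subnet_of(i) for i in INTERNAL)
        for n in nets)


def parse_ranges(report):
    """Collect each IP range with its 'allow' and 'require auth' columns."""
    ranges, current = [], None
    for line in report.splitlines():
        m = RANGE_RE.match(line)
        if m:
            current = {"name": m.group(4), "first": m.group(1),
                       "last": m.group(2), "priority": int(m.group(3)),
                       "allow": {}, "auth": {}}
            ranges.append(current)
            continue
        rules = RULE_RE.findall(line)
        if current is not None and rules:
            # Left column: delivery allowed. Right column (may be absent
            # when delivery is not allowed): authentication required.
            current["allow"][rules[0][0]] = rules[0][1] == "True"
            if len(rules) > 1:
                current["auth"][rules[1][0]] = rules[1][1] == "True"
    return ranges


def unauthenticated_local_sender(report):
    """(range name, direction) pairs reachable from public addresses that
    allow a local sender address without requiring authentication."""
    findings = []
    for r in parse_ranges(report):
        if not reaches_public(r["first"], r["last"]):
            continue
        for direction in LOCAL_SENDER:
            if r["allow"].get(direction) and r["auth"].get(direction) is False:
                findings.append((r["name"], direction))
    return findings


if __name__ == "__main__":
    print(unauthenticated_local_sender(SAMPLE_REPORT))
```

External To Local without authentication is not reported, because that is how inbound mail from other servers arrives.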

antons
New user
Posts: 16
Joined: 2016-01-18 12:46

Re: server receives messages addressed to wrong domain

Post by antons » 2018-11-07 08:35

OK.
Many thanks for the assistance!
I was blind :-)

The main problem that remains is SPAM messages with BCC.
Is there a remedy for it?

I would like to block them all.

mattg
Moderator
Posts: 21453
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: server receives messages addressed to wrong domain

Post by mattg » 2018-11-07 10:00

antons wrote:
2018-11-07 08:35
I would like to block them all.

As would we all

It is a continuous battle fighting SPAMMERs
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

antons
New user
Posts: 16
Joined: 2016-01-18 12:46

Re: server receives messages addressed to wrong domain

Post by antons » 2018-11-07 10:37

Rhetoric:

Nowadays the most valuable Internet user's skill is to close a spam message in the browser, or delete it in email, as quickly as possible. Who reads SPAM? It's a social behaviour?

SorenR
Senior user
Posts: 4595
Joined: 2006-08-21 15:38
Location: Denmark

Re: server receives messages addressed to wrong domain

Post by SorenR » 2018-11-07 11:03

antons wrote:
2018-11-07 10:37
Rhetoric:

Nowadays the most valuable Internet user's skill is to close a spam message in the browser, or delete it in email, as quickly as possible. Who reads SPAM? It's a social behaviour?

There is no difference in TO, CC or BCC addressed SPAM. You will soon learn that TO/FROM headers are NEVER to be trusted and that the only true sender is the sender shown in MAIL FROM in your SMTP logs. That sender is not immediately available for testing but the code below will make it accessible in the header "X-Envelope-From". Same with "X-Envelope-To". "X-Envelope-OriginalTo" is there in case the recipient is an alias.

SPAM scoring is key. Low score SPAM the user can handle themselves. High score SPAM should be kept from the user.
My users NEVER see all the SPAM sent to them.

I've just been hit with a SPAM storm beyond normal for a little over one week and about 65% of all received SPAM is kept from the users, the rest goes into their SPAM folder. My SPAMTrap user keeps it for learning and reference and my users will never know it exists.

Code:

' hMailServer event handler: add the envelope headers to each accepted message.
Sub OnAcceptMessage(oClient, oMessage)
   Call XEnvelope(oMessage)
End Sub

Code:

' Copy the envelope recipients and the envelope sender (MAIL FROM)
' into X-Envelope-* headers and save the message.
Sub XEnvelope(oMessage)
   Dim i, strEnvelope1, strEnvelope2
   ' Build comma-separated lists of recipient addresses and their original (pre-alias) addresses.
   For i = 0 To oMessage.Recipients.Count-1
      If (i = 0) Then
         strEnvelope1 = oMessage.Recipients(i).Address
         strEnvelope2 = oMessage.Recipients(i).OriginalAddress
      Else
         strEnvelope1 = strEnvelope1 & ", " & oMessage.Recipients(i).Address
         strEnvelope2 = strEnvelope2 & ", " & oMessage.Recipients(i).OriginalAddress
      End If
   Next
   oMessage.HeaderValue("X-Envelope-To") = strEnvelope1
   oMessage.HeaderValue("X-Envelope-OriginalTo") = strEnvelope2
   oMessage.HeaderValue("X-Envelope-From") = oMessage.FromAddress
   oMessage.Save
End Sub
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.
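
An added example (not part of SorenR's post and not hMailServer code): a Python check that reads the X-Envelope-* headers written by the script above and reports when the envelope recipient is absent from To/Cc, as in the message that started this thread, or when the From header's domain differs from the envelope sender's. The function names and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: delivered to user@mydomain.com although the To header
# names an address in another domain (the case described in the first post).
SAMPLE_BCC = """\
X-Envelope-To: user@mydomain.com
X-Envelope-OriginalTo: user@mydomain.com
X-Envelope-From: bounce-123@sender.example
From: "Some Sender" <promo@sender.example>
To: <someanotheruser@anotherdomain.com>
Subject: constructed sample

body
"""

# Constructed sample: visible From domain differs from the envelope sender.
SAMPLE_FROM = """\
X-Envelope-To: user@mydomain.com
X-Envelope-From: x@bulk.example
From: "Bank" <support@bank.example>
To: user@mydomain.com
Subject: constructed sample

body
"""


def _addresses(msg, *header_names):
    """Lower-cased addresses found in the named headers."""
    values = []
    for name in header_names:
        values.extend(msg.get_all(name, []))
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def _domain(address):
    return address.rpartition("@")[2]


def envelope_findings(raw_message):
    """Compare envelope headers with the visible headers of one message.

    Returns a list of (finding, addresses) tuples; an empty list means the
    visible headers agree with the envelope.
    """
    msg = message_from_string(raw_message)
    if msg["X-Envelope-To"] is None:
        # Message was not processed by the XEnvelope script.
        return [("no-envelope-headers", [])]

    env_to = _addresses(msg, "X-Envelope-To")
    env_from = _addresses(msg, "X-Envelope-From")
    visible = _addresses(msg, "To", "Cc")
    header_from = _addresses(msg, "From")

    findings = []
    hidden = sorted(env_to - visible)
    if hidden:
        findings.append(("recipient-not-in-to-cc", hidden))
    if not env_from:
        # Empty MAIL FROM (bounces and similar): nothing to compare against.
        findings.append(("null-envelope-sender", []))
    else:
        env_domains = {_domain(a) for a in env_from}
        odd = sorted(a for a in header_from if _domain(a) not in env_domains)
        if odd:
            findings.append(("from-differs-from-envelope", odd))
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_BCC, SAMPLE_FROM):
        print(envelope_findings(sample))
```

Mailing lists and ordinary BCC produce the first finding too, so it suits spam scoring rather than outright rejection.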
