Fix my email server setup to stop spammers

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
Ratalinux
New user
New user
Posts: 4
Joined: 2020-04-15 02:13

Fix my email server setup to stop spammers

Post by Ratalinux » 2020-04-15 04:40

Hello everybody!

I'm just another newbie trying to get this thing to work as it should.

At first (following some YouTube tutorials) I installed and setup the mail server and everything seemed to work ok.

After a while, I started to face problems sending and receiving emails.

On sending, I started to get one of these responses:

451 Rejected - No data saved
STARTTLS not supported and the user requires enforcement

On trying to read, I started to get a "connection refused" response (from GMail client).

When I tried to find out why, I discover that my IP become blacklisted due to spammers intrusion.

According to what I read about it to get this fixed, I have to setup my server properly and once I'm sure it is right, I need to ask the blacklist databases to remove my IP from their records.

This is my original setup, which was working "fine" until now:

Protocols:
SMTP Enabled
POP3 Disabled
IMAP Disabled

Auto-Ban Enabled

IP Ranges - My Computer:
127.0.0.1 / 127.0.0.1
Allow connections:
SMTP Enabled
POP3 Disabled
IMAP Disabled
Anti-spam Enabled
Anti-virus Enabled
SSL/TLS Disabled
Allow deliveries from: all options enabled (including External to External)
Require SMTP authentication: all options disabled

IP Ranges - Internet:
0.0.0.0 / 255.255.255.255
Allow connections:
SMTP Enabled
POP3 Disabled
IMAP Disabled
Anti-spam Enabled
Anti-virus Enabled
SSL/TLS Disabled
Allow deliveries from: all options enabled (including External to External)
Require SMTP authentication: all options disabled

According to this post:

https://www.hmailserver.com/documentati ... d_for_spam

...I should never enable External to External and I should require SMTP authentication.

I tried to do so, but I don't know if I'm on the right path.

What should I do ????

Thanks!

tunis
Senior user
Senior user
Posts: 256
Joined: 2015-01-05 20:22
Location: Sweden

Re: Fix my email server setup to stop spammers

Post by tunis » 2020-04-15 07:54

Ratalinux wrote:
2020-04-15 04:40
According to this post:

https://www.hmailserver.com/documentati ... d_for_spam

...I should never enable c and I should require SMTP authentication.

I tried to do so, but I don't know if I'm on the right path.

What should I do ????
Disable External to External if you don't relay email.

Enable require SMTP authentication on all except External to Local (for incoming mail to your server).
HMS 5.6.8 B2494.25 on Windows Server 2019 Core VM.
HMS 5.6.8 B2505.27 on Windows Server 2016 Core VM.
HMS 5.6.7 B2425.16 on Windows Server 2012 R2 Core VM.

User avatar
jimimaseye
Moderator
Moderator
Posts: 8777
Joined: 2011-09-08 17:48

Re: Fix my email server setup to stop spammers

Post by jimimaseye » 2020-04-15 09:21

5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
RvdH
Senior user
Senior user
Posts: 1136
Joined: 2008-06-27 14:42
Location: Netherlands

Re: Fix my email server setup to stop spammers

Post by RvdH » 2020-04-15 09:39

Amazing to see people still/always mess with the default ip ranges when they start using a mail server :shock: :?: :!:
CIDR to RegEx: d-fault.nl/CIDRtoRegEx
DNS Lookup: d-fault.nl/DNSTools
DNSBL Lookup: d-fault.nl/DNSBLLookup
GEOIP Lookup: d-fault.nl/GeoipLookup

palinka
Senior user
Senior user
Posts: 2169
Joined: 2017-09-12 17:57

Re: Fix my email server setup to stop spammers

Post by palinka » 2020-04-15 14:27

RvdH wrote:
2020-04-15 09:39
Amazing to see people still/always mess with the default ip ranges when they start using a mail server :shock: :?: :!:
Maybe someone should change the button that resets to default settings: turn it into a big round red button that says "DO NOT PRESS THIS BUTTON!". Then most of these issues would go away. :mrgreen:

Ratalinux
New user
New user
Posts: 4
Joined: 2020-04-15 02:13

Re: Fix my email server setup to stop spammers

Post by Ratalinux » 2020-04-15 19:14

Thanks tunis! I really don't know if I'm going to relay email or not, because honestly I don't know exactly what that means. Anyway, I'll keep that disabled by now.

Thanks jimimaseye! Here's the diagnostic results:

Code: Select all

2020-04-15   Hmailserver: 5.6.7-B2425

DOMAINS

   "Domain1.com" - e-xxxxxxxxx.com                Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False
-----------------------------------------------------------------------------------------------

IP RANGES

IP: 127.0.0.1 - 127.0.0.1     Priority: 15     Name: My computer

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:  False                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External - False           


IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:  False                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External - False           


------------------------------------------------------
AUTOBANNED Local Addresses:
    No entries

-----------------------------------------------------------------------------------------------

AUTOBAN
  Autoban Enabled: True       Max invalid logon attempts:      3
                              Minutes Before Reset:           30  (0,50 hours, 0,02 days)
                              Minutes to Autoban:             60  (1,00 hours, 0,04 days)

There is a total of 3 auto-ban IP ranges.
-----------------------------------------------------------------------------------------------

INCOMING RELAYS
   No entries
-----------------------------------------------------------------------------------------------

MIRRORING         Disabled
-----------------------------------------------------------------------------------------------

PROTOCOLS

SMTP
GENERAL             DELIVERY                  RFC COMPLIANCE            ADVANCED
No. Connections:  0  No Retries:  4 Mins: 60   Plain Text:        False  Bind: 
                     Host: EXTERNAL.TLD        Empty sender:       True  Batch recipients:   100
Max Msg Size: 20480  Relay:-                   Incorrect endings:  True  Use STARTTLS:      True
                     (none entered)            Disc. on invalid:  False  Delivered-To hdr: False
                                                                         Loop limit:           5
                                                                         Recipient hosts:     15
  Routes:
     No routes defined.

POP3
  No. Connections: 0

IMAP
 !! Service Not Enabled !!
-----------------------------------------------------------------------------------------------

ANTISPAM

GENERAL                              SPAM TESTS              Score   SPAMASSASSIN
  Spam Mark:                  5       Use SPF:           False        Use Spamassassin:   False
  Add X-HmailServer-Spam:     True    Check HELO host:   False    
  Add X-HmailServer-Reason:   True    Check MX records:  False    
  Add X-HmailServer-Subject: False    Verify DKIM:       False    

  Spam delete threshold: 20         Maximum message size: 1024

DNSBL ENTRIES:
   No 'enabled' entries

SURBL ENTRIES:
   No 'enabled' entries

GREYLISTING:
  Greylisting:  False

WHITELISTING
   No entries
-----------------------------------------------------------------------------------------------

ANTIVIRUS:  No application configured.

  Block Attachments: False
-----------------------------------------------------------------------------------------------

SSL CERTIFICATES
   No entries
-----------------------------------------------------------------------------------------------

SSL/TLS
             SSL 3.0 :  False
             TLS 1.0 :   True
             TLS 1.1 :   True
             TLS 1.2 :   True                Verify Remote SSL/TLS Certs:   True
SslCipherList  :

ECDHE-RSA-AES128-GCM-SHA256     - ECDHE-ECDSA-AES128-GCM-SHA256   - ECDHE-RSA-AES256-GCM-SHA384     
ECDHE-ECDSA-AES256-GCM-SHA384   - DHE-RSA-AES128-GCM-SHA256       - DHE-DSS-AES128-GCM-SHA256       
kEDH+AESGCM                     - ECDHE-RSA-AES128-SHA256         - ECDHE-ECDSA-AES128-SHA256       
ECDHE-RSA-AES128-SHA            - ECDHE-ECDSA-AES128-SHA          - ECDHE-RSA-AES256-SHA384         
ECDHE-ECDSA-AES256-SHA384       - ECDHE-RSA-AES256-SHA            - ECDHE-ECDSA-AES256-SHA          
DHE-RSA-AES128-SHA256           - DHE-RSA-AES128-SHA              - DHE-DSS-AES128-SHA256           
DHE-RSA-AES256-SHA256           - DHE-DSS-AES256-SHA              - DHE-RSA-AES256-SHA              
AES128-GCM-SHA256               - AES256-GCM-SHA384               - ECDHE-RSA-RC4-SHA               
ECDHE-ECDSA-RC4-SHA             - AES128                          - AES256                          
RC4-SHA                         - HIGH                            - !aNULL                          
!eNULL                          - !EXPORT                         - !DES                            
!3DES                           - !MD5                            - !PSK;                           
-----------------------------------------------------------------------------------------------

TCPIP PORTS                                         Connection Sec
               0.0.0.0         / 25    / SMTP   -   None                
               0.0.0.0         / 110   / POP3   -   None                
               0.0.0.0         / 143   / IMAP   -   None                
               0.0.0.0         / 587   / SMTP   -   None                
-----------------------------------------------------------------------------------------------

LOGGING      Logging Enabled: True

  Paths:-
    Current:  E:\hMailServer\Logs\hmailserver_2020-04-15.log
    Error:    E:\hMailServer\Logs\ERROR_hmailserver_2020-04-15.log
    Event:    E:\hMailServer\Logs\hmailserver_events.log - Not present
    Awstats:  E:\hMailServer\Logs\hmailserver_awstats.log
                        APPLICATION -    True
                        SMTP        -    True
                        POP3        -    True
                        IMAP        -    True
                        TCPIP       -      .
                        DEBUG       -      .
                        AWSTATS     -      .
-----------------------------------------------------------------------------------------------

SYSTEM TESTS

Database type: MSSQL Compact

IPv6 support is available in operating system.

Backup directory G:\HMailServerBackups is writable.

Relative message paths are stored in the database for all messages.

-----------------------------------------------------------------------------------------------

HMAILSERVER.INI

[Directories]
Program folder:  E:\hMailServer\
Database folder: E:\hMailServer\Database
Data folder:     E:\hMailServer\Data
Log folder:      E:\hMailServer\Logs
Temp folder:     E:\hMailServer\Temp
Event folder:    E:\hMailServer\Events

[Database]
Type=              MSSQLCE
Username=           
PasswordEncryption=1
Port=              0
Server=             
Internal=          1
-----------------------------------------------------------------------------------------------

Generated by HMSSettingsDiagnostics v1.99, Hmailserver Forum.

Ratalinux
New user
New user
Posts: 4
Joined: 2020-04-15 02:13

Re: Fix my email server setup to stop spammers

Post by Ratalinux » 2020-04-15 19:26

Thanks again tunis & jimimaseye!

According to my mail server logs, all spam intrusion attempts are being properly blocked now.

Please let me know if based on the diagnostic report I sent, my setup is correct now and I can start the blacklist removal requests or if I need to fine tune anything else, like anti-virus, anti-spam, a stronger authentication method or anything like that.

I really appreciate you taking the time to give me a hand here.

Thanks again! :D

User avatar
jimimaseye
Moderator
Moderator
Posts: 8777
Joined: 2011-09-08 17:48

Re: Fix my email server setup to stop spammers

Post by jimimaseye » 2020-04-15 21:17

The setup looks acceptable now. You can increase comfort with the use of spamassassin and and antivirus but you basic setup is ok.

[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

Ratalinux
New user
New user
Posts: 4
Joined: 2020-04-15 02:13

Re: Fix my email server setup to stop spammers

Post by Ratalinux » 2020-04-16 03:58

Thanks once again! :D

Post Reply