hmailserver - I suspect that a spammer may be using my server

Solution 1

First thing I'd do is check your email logs to see what sort of activity you have.

It is also worth mentioning that just because you have SMTP authentication doesn't mean your server can't be used for spam.

Take a look at "Backscatter spam" as an example:

Wikipedia: Backscatter (email)

Solution 2

The easiest thing is to check SMTP, but also enable AWstats. I have not gone to the effort of actually installing AWstats to look at the data, but the text file that is produced by hmailserver is easily understandable.

Also, you may just want to keep the Administrator program open and load status > status and just check the number of processed messages.

However, out of the box, hmailserver is quite good at anti spam. Unless you allow otherwise, local domains and ones that you specifically set up a route for are the only ones it allows delivery for.

On top of that, it has pretty good internal anti spam for the mailboxes you host as well - (DNS, SURBL, grey listing and white listing).

So, basically, monitor over the next few days.

I have been using hmailserver for roughly the past 6 months and have not had a problem with spam regarding the out of the box settings - unless you specifically allow something.

Solution 3

Assuming you are using Linux, you should look at the /var/log/maillog file. Plus, I think you shouldn't even be allowing remote SMTP from authenticated users. Only allow that from an internal network or certain IP addresses.

You can check if it is an open relay here: http://www.checkor.com/

Author: prabu

Updated on September 17, 2022

Comments

  • prabu
    prabu over 1 year

    First, I'd like to verify whether or not a spammer is using my server. I've turned logging on -- which logs should I be checking specifically? Just SMTP?

    Second, I'd like to configure my domains/hmailserver to play nice with the email world. Is there anything I need to do to any of my domains or to my server settings to make this possible?

    My SMTP requires authentication, so I figured that would be enough... but I'm starting to doubt it.

  • John Gardeniers
    John Gardeniers almost 15 years
    That pretty much says what I would have said. The only extra step I'd take is to write a script to parse the logs and list all senders.
  • prabu
    prabu almost 15 years
    It would seem that some of my users are getting bounce-backs from other servers regarding a failure to send an email. However, it is clear that my users didn't send any of these messages (clearly spam). Sound like a candidate for backscatter? Thanks!
  • prabu
    prabu almost 15 years
    I currently have no spam protection enabled. Should I enable the two DNS blacklisting options? zen.spamhaus.org and bl.spamcop.net. There's also the option for SURBL protection, and I have that disabled too. Any thoughts?
  • William Hilsum
    William Hilsum almost 15 years
    If your clients are reporting little or no spam, it is not worth doing as it does slow down the delivery slightly. However, if you are getting an increased amount of spam, I would enable these options.
  • KPWINC
    KPWINC almost 15 years
    hamlin, if you're getting bounce backs to your users and it's clear your user didn't send the message then yes, you're probably a VICTIM of backscatter. You'll have to take a closer look at your mail headers but it sounds like someone else's server is sending out backscatter and your server is accepting the bounced/forged messages because they are addressed to YOUR users. Once again, that's just a guess based on what you told me. You'll have to do some extra digging to determine exactly what is incoming/outgoing from your server.
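
The log-parsing script suggested in the comments, as an added example that is not part of the original thread: it lists each SMTP session's sender and goes one step further by separating relayed mail (authenticated or not) from inbound null-sender bounces, the backscatter case. It assumes hMailServer's SMTPD log lines are tab-separated as type, thread, session id, timestamp, remote IP, message, and that `example.org` is the only hosted domain; the log rows are constructed.

```python
import csv
import re

LOCAL_DOMAINS = {"example.org"}  # assumption: the domains this server hosts
CMD = re.compile(r"RECEIVED: (MAIL FROM|RCPT TO):\s*<([^>]*)>", re.I)
# Constructed rows; assumed layout (tab-separated): type, thread, session, time, IP, message.
ROWS = [
    (1, "198.51.100.7", "SENT: 235 authenticated."),
    (1, "198.51.100.7", "RECEIVED: MAIL FROM:<alice@example.org>"),
    (1, "198.51.100.7", "RECEIVED: RCPT TO:<bob@example.net>"),
    (1, "198.51.100.7", "SENT: 250 OK"),
    (2, "203.0.113.9", "RECEIVED: MAIL FROM:<>"),
    (2, "203.0.113.9", "RECEIVED: RCPT TO:<alice@example.org>"),
    (2, "203.0.113.9", "SENT: 250 OK"),
    (3, "192.0.2.44", "RECEIVED: MAIL FROM:<x@example.com>"),
    (3, "192.0.2.44", "RECEIVED: RCPT TO:<y@example.net>"),
    (3, "192.0.2.44", "SENT: 550 Delivery is not allowed to this address."),
]
SAMPLE_LOG = "\n".join(f'"SMTPD"\t1\t{n}\t"2022-09-17 10:00:00"\t"{ip}"\t"{m}"' for n, ip, m in ROWS)

def sessions(log_text):
    out, pending = {}, {}  # pending: session id -> recipient awaiting a reply
    for row in csv.reader(log_text.splitlines(), delimiter="\t"):
        if len(row) < 6 or row[0] != "SMTPD":
            continue
        sid, msg = row[2], row[5]
        s = out.setdefault(sid, {"ip": row[4], "auth": False, "sender": None, "rcpts": []})
        m = CMD.match(msg)
        if m and m.group(1).upper() == "MAIL FROM":
            s["sender"] = m.group(2).lower()
        elif m:
            pending[sid] = m.group(2).lower()
        elif msg.startswith("SENT: 235"):
            s["auth"] = True
        elif msg.startswith("SENT: "):
            rcpt = pending.pop(sid, None)
            if rcpt and msg.startswith("SENT: 250"):
                s["rcpts"].append(rcpt)  # count only recipients the server accepted
    return out

def classify(s):
    if any(r.rpartition("@")[2] not in LOCAL_DOMAINS for r in s["rcpts"]):
        return "authenticated-relay" if s["auth"] else "unauthenticated-relay"
    if s["rcpts"] and s["sender"] == "":
        return "inbound-bounce"  # null sender: a DSN, backscatter if unsolicited
    return "inbound" if s["rcpts"] else "nothing-accepted"

def report(log_text):
    return {sid: (s["ip"], s["sender"], classify(s)) for sid, s in sessions(log_text).items()}
```

A burst of `authenticated-relay` sessions from one account or IP points at a compromised login, while `inbound-bounce` entries for mail your users never sent match the backscatter described above.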