Search found 50 matches
- Tue Dec 12, 2023 9:03 am
- Forum: MailEnable Standard Edition
- Topic: Port 25 is blocked by the data center company
- Replies: 2
- Views: 2675
Re: Port 25 is blocked by the data center company
The only mail that will appear is that which comes in from your "clients" via submission port (usually 587/TLS or 465/SSL). I'm not criticizing and this is probably not what you intended to write but it does make it look like 587 uses TLS and 465 uses SSL. For future readers: Port 587 uses "explici...
- Sun Sep 17, 2023 12:52 am
- Forum: MailEnable Enterprise Edition
- Topic: Connection Dropping not function
- Replies: 18
- Views: 19851
Re: Connection Dropping not function
Will that fix also prevent responses being sent for RCPTs that are streamed/pipelined in or just prevent them being logged? Part of the problem appears to be that 550 responses are sent for all pipelined RCPTs. That allows harvesting of a valid recipient address if the harvester is able to hit one a...
- Fri Sep 01, 2023 9:03 pm
- Forum: MailEnable Standard Edition
- Topic: Mails being received in my inbox when not addressed to me
- Replies: 1
- Views: 3698
Re: Mails being received in my inbox when not addressed to me
Hi Tim,
Probably you are seeing the same thing described in this thread:
https://www.mailenable.com/forum/viewtopic.php?p=117502#p117502
Cheers,
Phil
Probably you are seeing the same thing described in this thread:
https://www.mailenable.com/forum/viewtopic.php?p=117502#p117502
Cheers,
Phil
- Fri Jun 09, 2023 11:49 pm
- Forum: MailEnable Enterprise Edition
- Topic: Invalid Email Account Login Attempts
- Replies: 25
- Views: 75510
Re: Invalid Email Account Login Attempts
MailEnable does not support the pipelining SMTP extension. RFC 2920 SMTP for Command Pipelining September 2000 1. Introduction . This memo uses the mechanism described in [RFC-1869] to define an extension to the SMTP service whereby an SMTP server can declare that it is capable of handling pipeline...
- Tue Jun 06, 2023 11:03 pm
- Forum: MailEnable Enterprise Edition
- Topic: Invalid Email Account Login Attempts
- Replies: 25
- Views: 75510
Re: Invalid Email Account Login Attempts
When a friend and I had these attacks, I was able to see that the client "pipelines" RCPT commands without waiting for the server's 250-PIPELINING response. It seems as though ME doesn't detect this unauthorized pipelining and accepts all the RCPT commands.
dcol, I sent you a PM
dcol, I sent you a PM
- Fri May 26, 2023 12:33 am
- Forum: MailEnable Enterprise Edition
- Topic: Connection Dropping not function
- Replies: 18
- Views: 19851
Re: Connection Dropping not function
As I mentioned in the other thread, zen.spamhaus.org caught all of these harvesters/spammers. Although my sample size was small (only saw 6 harvesting attempts), it may well be worth a try. I haven't seen any further hits in the past week and I guess they gave up. Just be careful you are not using a...
- Tue May 23, 2023 9:42 pm
- Forum: MailEnable Enterprise Edition
- Topic: phishing for active accounts
- Replies: 2
- Views: 2688
Re: phishing for active accounts
I've seen the same attempts but only a handful of source IPs. Using zen.spamhaus.org for DNSBL has caught them all. See: https://www.mailenable.com/documentation/10.0/Standard/SMTP_props_-Security.html "Drop a connection when the failed number of commands or recipients reaches" Alternatively. "Restr...
- Thu Mar 09, 2023 4:38 am
- Forum: MailEnable Enterprise Edition
- Topic: Losing connection to client machine
- Replies: 2
- Views: 3334
Re: Losing connection to client machine
Apologies if you had already worked this out but the postfix log is saying that, after establishing a TCP connection, it waited for 30 seconds for an SMTP greeting from your ME server but that never arrived. delays=0.03/0.03/30/0, . . . (lost connection with mail.myserver.co.uk[xx.xx.xx.xx] while re...
- Fri Sep 02, 2022 5:35 am
- Forum: MailEnable Enterprise Edition
- Topic: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
- Replies: 12
- Views: 14227
Re: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
Fair enough. I'm only running a personal mail server and can pretty easily deal with any false positives.
I'm not aware of anything that would help you. Hopefully someone else will have some suggestions.
I'm not aware of anything that would help you. Hopefully someone else will have some suggestions.
- Fri Sep 02, 2022 1:11 am
- Forum: MailEnable Enterprise Edition
- Topic: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
- Replies: 12
- Views: 14227
Re: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
[quote=kiamori post_id=118762 time=1662078762 user_id=18984] spamhaus has to many false positives, Notice the X-RBL-Result: Generic, Fail we already use 0spam.org which is great for catching spam like this and filtering it into junk but I am looking for a way to filter based on sender data alone and...
- Thu Sep 01, 2022 11:37 pm
- Forum: MailEnable Enterprise Edition
- Topic: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
- Replies: 12
- Views: 14227
Re: How can we reject emails that claim to be from the recipient but are not? Spoofed emails.
Try using zen.spamhaus.org to check the connecting IP. https://www.mailenable.com/kb/content/article.asp?ID=ME020084 Have a look at this: https://check.spamhaus.org/listed/?searchterm=185.173.176.61 IMHO, the whole 185.0.0.0/8 is a steaming pile of $#!+ BTW, did you notice the dates in the headers? ...
- Mon Aug 23, 2021 9:14 pm
- Forum: MailEnable Standard Edition
- Topic: Emails to non-existent accounts being sent to users
- Replies: 9
- Views: 17574
Re: Emails to non-existent accounts being sent to users
Hi Jan, If that is true (ME uses only RCPT TO address, and thus not looking at any other headers) ... That's the way all mail servers (or, more specifically, all Mail Transfer Agents) work. ... I assume the DNSBL test used a domain to get to this IP. The IP is simply the address of the host that mad...
- Thu Aug 19, 2021 1:28 am
- Forum: MailEnable Standard Edition
- Topic: Emails to non-existent accounts being sent to users
- Replies: 9
- Views: 17574
Re: Emails to non-existent accounts being sent to users
But ME will only use the RCPT TO address to decide a) whether the addressee is valid and b) which mailbox to deliver the message to. Just like snail mail: the postman only reads the envelope. The details on the letter inside may be completely different from what's on the envelope and the "headers" o...
- Wed Aug 18, 2021 5:52 am
- Forum: MailEnable Standard Edition
- Topic: Emails to non-existent accounts being sent to users
- Replies: 9
- Views: 17574
Re: Emails to non-existent accounts being sent to users
Hi Jan,
Assuming your search and replace was good, the email was sent to your email address:
2021-08-02 18:20:07 62.75.207.34 SMTP-IN company.com ##.##.##.## 1728 RCPT RCPT+TO:<jvdbroek@company.com> 250+Requested+mail+action+okay,+completed WIN-SERVER 43 37 -
Assuming your search and replace was good, the email was sent to your email address:
2021-08-02 18:20:07 62.75.207.34 SMTP-IN company.com ##.##.##.## 1728 RCPT RCPT+TO:<jvdbroek@company.com> 250+Requested+mail+action+okay,+completed WIN-SERVER 43 37 -
- Thu Mar 04, 2021 5:00 am
- Forum: MailEnable Standard Edition
- Topic: Thousands of AUTH LOGIN Attempts
- Replies: 7
- Views: 30988
Re: Thousands of AUTH LOGIN Attempts
Interesting option.
One thing I had wondered about was the ban time that Mailenable's built-in RDNS implements.
I assume it's not "forever" but I couldn't find any information on that.
One thing I had wondered about was the ban time that Mailenable's built-in RDNS implements.
I assume it's not "forever" but I couldn't find any information on that.