Search found 1116 matches

by RvdH
2020-10-30 12:06
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

The settings and the logs was on the same time. But after i removed the default domainname (all the users must login with name and domainname was that not a problem for me) And after i turned my firewall on, the mailserver is using 'normal' again. Like i said earlier either you're info was incomple...
by RvdH
2020-10-30 01:24
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

mattg wrote:
2020-10-29 23:40
RvdH wrote:
2020-10-29 14:49
That is very strange as your ip ranges says it can not
Unless the default domain is ALSO one of the whitelist entries
Whitelisting doesn't bypass authentication, does it :?:
Nah, that doesn't sound right...maybe i don't get what you mean as whitelisting only seems to bypass spam checks
by RvdH
2020-10-29 14:49
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

"SMTPD" 2588 854 "2020-10-27 15:36:04.527" "110.7.128.242" "RECEIVED: MAIL FROM:<jellieskinderkleding.>" "SMTPD" 2588 854 "2020-10-27 15:36:04.527" "110.7.128.242" "SENT: 250 OK" "SMTPD" 5064 854 "2020-10-27 15:36:07.105" "110.7.128.242" "RECEIVED: RCPT TO:<Neale.Caegraphics.>" "SMTPD" 5064 854 "20...
by RvdH
2020-10-28 16:27
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

Looks like you left out some essential information, can you post the log lines that were right above below snippet of yesterdays logfile? "SMTPC" 4756 896 "2020-10-27 15: 36: 18.236" "194.109.6.51" "RECEIVED: 220 smtp-cloud7.xs4all.net smtp-cloud7.xs4all.net ESMTP server ready" "SMTPC" 4756 896 "202...
by RvdH
2020-10-28 09:59
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

No the problem still exists after i changed the ISP password Can you please EXPLAIN in very small detail exactly what you did and where, to change this ISP password (Don't tell the password though) I'm just making sure that you are in fact changing the user name password for the compromised account...
by RvdH
2020-10-27 22:44
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

No the problem still exists after i changed the ISP password That is strange, your logs says it blocks access, eg: 535 Authentication failed, check your logs here: https://log.damnation.org.uk/ "SMTPD" 2228 1758 "2020-10-27 16:26:21.724" "171.242.64.127" "RECEIVED: AUTH LOGIN" "SMTPD" 2228 1758 "20...
by RvdH
2020-10-27 21:54
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

After you changed the password for the hscomput account the problem went away, right? "SENT: 535 Authentication failed. Restarting authentication process." That script doesn't catch and deny such attempt "RECEIVED: 250 2.1.0 < cole.connell @jellieskinderkleding.nl> sender ok" it still allows *@jelli...
by RvdH
2020-10-27 21:36
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

I dont aware of it, but i cant imagine that this solved my problem And your reply is directed towards? FYI, TLS 1.3 has nothing , and i mean nothing to do with your problem :!: The problem you have/had is that an account is/was compromised, hijacked or even simply guessed (if it was a weak password...
by RvdH
2020-10-27 17:12
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

aHNjb21wdXQ = base64 encoded string that represents hscomput Account hscomput seems compromised, i would change the password immediately :!: Both IP's listed are xs4all IP's, mmmm, relay? We need more logs and please post diagnostic report requested in my first reply But you have more issues, one is...
by RvdH
2020-10-27 16:51
Forum: General discussions
Topic: External to External mail issue
Replies: 30
Views: 587

Re: External to External mail issue

please run this and post the results
viewtopic.php?f=20&t=30914

It seems the user sending is authenticated, maybe the account is hijacked or password leaked in a data breach, account is question: hscomput

Do you have a reason to have a default domain enabled?
by RvdH
2020-10-27 12:34
Forum: General discussions
Topic: Anyone using Hmailserver with Windows Defender?
Replies: 6
Views: 147

Re: Anyone using Hmailserver with Windows Defender?

C.I. wrote:
2020-10-27 09:08
Thank you.
The return code was an issue many years ago (or so it seems to me).
Hasn't Microsoft fixed it in the meanwhile?
Try it and let us know :wink:
by RvdH
2020-10-23 19:16
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

Greta wrote:
2020-10-23 07:41
Clearly. Thanks for quickly fixing the software.

The emails now arrive without an SPF error :D
👍
by RvdH
2020-10-22 22:13
Forum: General discussions
Topic: 550 Rejected by SpamCop - when using Sendgrid
Replies: 24
Views: 285

Re: 550 Rejected by SpamCop - when using Sendgrid

Attacking? Maybe i an guilty of making fun of you a little :wink:

Before you edited your initial post there was no mention of e-mail receiving from sendgrid by your hmailserver instance that triggered that message, hence it only looked like sendgrid returned that message when you send mail to it
by RvdH
2020-10-22 15:06
Forum: General discussions
Topic: 550 Rejected by SpamCop - when using Sendgrid
Replies: 24
Views: 285

Re: 550 Rejected by SpamCop - when using Sendgrid

Tell me, how is your question related to hMailServer?
by RvdH
2020-10-22 10:03
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

Ah clearly. I now have version .27 running :-) But if a new version is published on the download page of hmailserver.com, will these bug fixes also be included? Nope, unfortunately not, like i said the author of hmailserver (martin) choose to not backported to 5.6.x and only commit them to 5.7 bran...
by RvdH
2020-10-22 08:59
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

5.6.8-B2505 or 5.6.8-B2505. 27 ? Where can I find that. HMail admin status give me 5.6.8-B2505. And hMailServer.exe properties give a file version 1.0.0.1 I already have it, i examined the changelog and came to the conclusion it's not worth to upgrade, no functionality related to macro's usage is a...
by RvdH
2020-10-21 20:22
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

Hmm... RvdH is using the RMSPF library version 1.10. I am using version 1.12 ... Want to try my version of 5.6.8 ? I've attached RMSPF 1.12 for RvdH :mrgreen: I already have it, i examined the changelog and came to the conclusion it's not worth to upgrade, no functionality related to macro's usage ...
by RvdH
2020-10-21 19:55
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

5.6.8-B2505 or 5.6.8-B2505.27?
by RvdH
2020-10-21 18:23
Forum: General discussions
Topic: TLS 1.2 problem in Windows Azure
Replies: 4
Views: 124

Re: TLS 1.2 problem in Windows Azure

Looking at your log the mail is delivered successfully to recipient @afip.gob.ar
by RvdH
2020-10-21 12:49
Forum: Off-topic discussions
Topic: Why using "master" in Github is bad ...
Replies: 22
Views: 2065

Re: Why using "master" in Github is bad ...

I came across a thing called 'USER_IN_WELCOMELIST', previously know as 'USER_IN_WHITELIST' in spamassassin....we are kind of going crazy with blm, aren't we?

Allthough, blacklist_from seems unchanged (yet)
by RvdH
2020-10-21 08:43
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

FYI: v=spf1 exists:_i.%{i}._h.%{h}._o.%{o}._spf.testdomain.com -all 1. with existing A-record that matches _i.xxx.xxx.xxx.xxx ._h.mail.testdomain.nl._o.testdomain.com._spf.testdomain.com "DEBUG" 8220 "2020-10-19 22:47:57.177" "Spam test: SpamTestSPF xxx.xxx.xxx.xxx ruud@testdomain.com mail.testdomai...
by RvdH
2020-10-20 22:03
Forum: General discussions
Topic: 5.6.8-B2431 SPF Check Failures
Replies: 29
Views: 801

Re: 5.6.8-B2431 SPF Check Failures

I need to dust off some old 'C' skills ;-) Unfortunately, I cannot help you with that. If I could, I would have solved it myself :wink: Thanks for looking at it! @Greta SorenRR and myself have done some test with such SPF record and SorenRR made a fix for it, included in this build Nu komt mail van...
by RvdH
2020-10-20 21:13
Forum: Development & alpha discussions
Topic: Sub OnHELO(oClient) progress?
Replies: 218
Views: 181226

Re: Sub OnHELO(oClient) progress?

Latest is 5.6.8-B2505.27 Just install the latest production and/or beta artifact from the URL below, then copy and overwrite files in this archive in hmailserver '/bin' directory https://build.hmailserver.com/viewLog.html?buildId=810&buildTypeId=HMailServer_BuildHMailServer56&tab=artifacts (login as...
by RvdH
2020-10-19 01:29
Forum: General discussions
Topic: DNS Records Configuration - Email Going Straight to Spam Box???
Replies: 4
Views: 184

Re: DNS Records Configuration - Email Going Straight to Spam Box???

You, or maybe the previous owner of that ip(block) have been spamming as i noticed your ipaddress is listen on the b.barracudacentral.org blacklist

https://mxtoolbox.com/SuperTool.aspx?ac ... n=toolpage
by RvdH
2020-10-18 22:11
Forum: General discussions
Topic: Where to place created MX record in hMail
Replies: 27
Views: 497

Re: Where to place created MX record in hMail

Technically I believe you would still be able to send email out to the Internet but you wouldn't be able to Receive Email. Off topic, fyi: If no MX exists the fallback is A-record, so in theory you can still receive mail from the internet without MX. Although using MX is the standard globally, some...
by RvdH
2020-10-07 08:47
Forum: Feature requests
Topic: Strip the IP and (host-)name of the original sender
Replies: 5
Views: 485

Re: Strip the IP and (host-)name of the original sender

https://www.hmailserver.com/forum/viewtopic.php?t=18467 ' Strips out private IP addresses from Received header ' if the client's IP address is in 172.16.0.0/16 Sub OnAcceptMessage(oClient, oMessage) ' Check client's IP address if Left(oClient.IPAddress, 7) = "172.16." Then Dim oHeaders set oHeaders ...
by RvdH
2020-09-19 12:10
Forum: General discussions
Topic: Can I ban double attachment extensions like *.gz.txt?
Replies: 6
Views: 418

Re: Can I ban double attachment extensions like *.gz.txt?

It seems like I cannot. Neither SpamAssassin nor ClamAV+SaneSecurity can block *.GZ.txt attachments and I got tons of spams everyday. Spamassassin for sure can score it. try this: full GZ_TXT_CRAP /\bcontent\-[^\r\n]+?(|file)name\=(\"|).+?(|[\r\n]).+?\.gz\.txt\b/i score GZ_TXT_CRAP 10.00 # ifplugin...
by RvdH
2020-09-01 09:19
Forum: Scripting
Topic: Capturing attempted logins ????
Replies: 16
Views: 1066

Re: Capturing attempted logins ????

mattg wrote:
2020-09-01 08:19
but you didn't try to AUTH

what are the SSL and TCP-IP settings for port 587 @palinka
no wonder it doesn't work :lol:

You have to send the AUTH LOGIN command to login like mattg said
by RvdH
2020-08-31 18:41
Forum: Scripting
Topic: Capturing attempted logins ????
Replies: 16
Views: 1066

Re: Capturing attempted logins ????

I looked in my custom db log for all failed logins NOT with my domains and there are only 14 hits in the past year and all of them are on IMAP ports. Its been working the entire time, its just that these logins are extremely rare. That's not the case for SMTP, however. There are tons of those every...
by RvdH
2020-08-27 21:57
Forum: Scripting
Topic: Capturing attempted logins ????
Replies: 16
Views: 1066

Re: Capturing attempted logins ????

I only log invalid logins, both port and ip address are logged correctly, and in my logs i really do see some non-existent usernames from time to time Example code snippet: Sub OnClientLogon(oClient) If Not oClient.Authenticated then EventLog.Write("WARN: Failed login for " & oClient.Username & " fr...
by RvdH
2020-08-09 09:18
Forum: User contributed hMailServer 5 scripts
Topic: Tool to migrate from Imail 8.15 to latest version of hmail
Replies: 9
Views: 1075

Re: Tool to migrate from Imail 8.15 to latest version of hmail

I think i might have a copy of this program, interested? Back in the day i used this to migrate from imail to hmail
by RvdH
2020-07-25 18:34
Forum: User-submitted tutorials
Topic: Checking SSL ciphers
Replies: 4
Views: 6688

Re: Checking SSL ciphers

Thanks, useful ✔️
by RvdH
2020-07-15 17:37
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

i don't know what you are doing, all steps explained above work fine here As of your last remark, that simply looks like a setting of the password plugin, \plugins\password\config.inc.php // Password Plugin options // ----------------------- // A driver to use for password change. Default: "sql". //...
by RvdH
2020-07-15 15:16
Forum: SpamAssassin implementation discussions
Topic: How to set score for certain texts?
Replies: 22
Views: 3397

Re: How to set score for certain texts?

Q1) Rule looks fine and should be captured when in local.cf

Q2) meta PHISH_SUBJECT (PHISH_SUBJECT_1 && PHISH_SUBJECT_2 && PHISH_SUBJECT_3) would work if you specify PHISH_SUBJECT_3 regex

Q3) I haven't heard/seen limits of spamassassin regex's
by RvdH
2020-07-09 13:08
Forum: General discussions
Topic: Auto-ban - Fraudsters blocked
Replies: 8
Views: 897

Re: Auto-ban - Fraudsters blocked

Nowadays my auto-ban entries are no longer then 24h....don't get me wrong i also used to ban them way longer in the past, but in the end of the day it doesn't matter, as the abusive IP addresses are simply automatically banned again if they visit again after the previous auto-ban is expired It is a ...
by RvdH
2020-07-09 11:49
Forum: General discussions
Topic: Auto-ban - Fraudsters blocked
Replies: 8
Views: 897

Re: Auto-ban - Fraudsters blocked

Hello, I have Auto-ban set up on the hMailServer. It is working great. :) My server detected and blocked over 25 different fraudulent attempts from various IP addresses in almost 30 days period. Fraudsters were trying to use my mail server to send emails :evil: with domain accounts that do NOT exis...
by RvdH
2020-07-07 19:13
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

I restart server at Your sugestion but situation are the same. Error on server log: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} i identyfikato...
by RvdH
2020-07-07 12:30
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

Mmm, that is strange, that should be sufficient (it does here)
Have you tried restarting IIS after changing DCOM permissions?
by RvdH
2020-07-07 12:01
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

Roundcube makes use of the DefaultAppPool?
Otherwise you have to replace DefaultAppPool with the ApplicationPool it actually runs under (Or visa versa)
by RvdH
2020-07-07 11:50
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

benio wrote:
2020-07-07 11:42
Welcome i dont have

Code: Select all


 IISAppPool\[Application pool name] and check local activation checkbox

I have only users and built in acounts. Can you send some sreenschot?
Oops, missed a space.... you have to type it, example:

IIS AppPool\DefaultAppPool
by RvdH
2020-07-07 11:34
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

OK, in IIS Manager note the roundcube website Application pool name it runs under (we use this later) Run 'dcomcnfg', Component Services -> Computer -> My Computer -> DCOM Config Select hMailserver, right click properties -> Security Tab -> Launch and Activation Permissions -> Add -> IIS AppPool\ [A...
by RvdH
2020-07-07 11:18
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

Roundcube is working and installed correctly on IIS?
Then is should be placed in web.config in roundcube website root

You can also do this with IIS Manager, double click the roundcube site in website list, then select Error pages -> Edit feature settings -> Detailed errors
by RvdH
2020-07-07 10:56
Forum: General discussions
Topic: Rouncube password
Replies: 23
Views: 2119

Re: Rouncube password

Did you try with customErrors=off in web.config?
you should see a detailed report about the issue that is causing the 500 error (most likely DCOM)

Code: Select all

    <system.web>
        <customErrors mode="Off"/>
    </system.web>
by RvdH
2020-06-22 13:29
Forum: General discussions
Topic: cant login to hmailserver phpwebadmin remotely
Replies: 7
Views: 852

Re: cant login to hmailserver phpwebadmin remotely

What did you insert into $hmail_config['rooturl']? https://www.hmailserver.com/documentation/latest/?page=howto_install_phpwebadmin FYI, i doubt you can run phpwebadmin remotely, as it uses/needs DCOM access, so a Windows box is required its $hmail_config['rooturl']= http://localhost/PhpWebAdmin Wh...
by RvdH
2020-06-22 10:48
Forum: General discussions
Topic: cant login to hmailserver phpwebadmin remotely
Replies: 7
Views: 852

Re: cant login to hmailserver phpwebadmin remotely

What did you insert into $hmail_config['rooturl']?

https://www.hmailserver.com/documentati ... hpwebadmin

FYI, i doubt you can run phpwebadmin remotely, as it uses/needs DCOM access, so a Windows box is required
by RvdH
2020-06-20 11:07
Forum: SpamAssassin implementation discussions
Topic: SA with a new Spamhaus plugin
Replies: 27
Views: 7667

Re: SA with a new Spamhaus plugin

Anyone (still) using these 'new' Spamhaus datafeed services? You will need to renew on an annual basis. A simple email usually suffices — although now you mention it, we should have an auto-renew button on the user portal. I’ll raise that with the web team. I got a reminder the other day that i need...
by RvdH
2020-06-19 00:06
Forum: Scripting
Topic: Search entire message text in the rule selection.
Replies: 7
Views: 1538

Re: Search entire message text in the rule selection.

mattg wrote:
2020-06-18 15:58
'Body' is plain text, and may or may not, include the contents of the email

Some emails are 'HTML text'

But yes, that is a good find.
I missed that
U Sure?
Body - The Body of the email message. This includes both the plain text body and the HTML body.
As listed in docs here
by RvdH
2020-06-16 11:17
Forum: General discussions
Topic: Strange logins from Microsoft
Replies: 6
Views: 1236

Re: Strange logins from Microsoft

Check the default Windows 10 Mail app, does this list the account in question?

[EDIT] Don't know what i was thinking, ignore this comment :oops:
by RvdH
2020-06-15 12:08
Forum: General discussions
Topic: Code: 10053, Message: An established connection was aborted by the software in your host machine
Replies: 32
Views: 3513

Re: Code: 10053, Message: An established connection was aborted by the software in your host machine

Hello. I guess you meant to change the local host name back to blank. No, I did not mean that. I meant what I wrote I meant that field NEEDS to have the FQDN name placed there EXACTLY what RvdH has been saying all thread You have to change hostname to what it says in the error "cpc123802-trow7-2-0-...
by RvdH
2020-06-11 23:39
Forum: General discussions
Topic: SSL server clients not connect
Replies: 11
Views: 1602

Re: SSL server clients not connect

Welcome i check logs and i found on error log this information. I create new file but problem still active. My key its ok because work on other services Ok. What i a reason of this error : "ERROR" 5840 "2020-06-11 16:56:39.647" "Severity: 2 (High), Code: HM5113, Source: SslContextInitializer::InitS...
by RvdH
2020-06-10 22:09
Forum: General discussions
Topic: Code: 10053, Message: An established connection was aborted by the software in your host machine
Replies: 32
Views: 3513

Re: Code: 10053, Message: An established connection was aborted by the software in your host machine

You must be bullshitin me, right? You identify yourself as 'SERVER' to the outside world, it's a bit hard to get working DNS for something that is not a FQDN...still with me so far? Therefor I told you (multiple times now) to change your hostname under SMTP settings, and this time not invent another...
by RvdH
2020-06-10 21:21
Forum: General discussions
Topic: Code: 10053, Message: An established connection was aborted by the software in your host machine
Replies: 32
Views: 3513

Re: Code: 10053, Message: An established connection was aborted by the software in your host machine

Really don't know what you are doing anymore.... you had one simple thing to do In the first post you stated you never use the hmailserver to receive mail and sorely use it to send mail, so why are you damn persistent to get the diagnostic test to work? (The 'Test MX records' Test is to verify you ...
by RvdH
2020-06-10 21:05
Forum: General discussions
Topic: Code: 10053, Message: An established connection was aborted by the software in your host machine
Replies: 32
Views: 3513

Re: Code: 10053, Message: An established connection was aborted by the software in your host machine

Really don't know what you are doing anymore.... you had one simple thing to do In the first post you stated you never use the hmailserver to receive mail and sorely use it to send mail, why are you so damn persistent to get the diagnostic test to work? (The 'Test MX records' Test is to verify you c...
by RvdH
2020-06-10 11:59
Forum: General discussions
Topic: Performance issues sending/receiving email
Replies: 11
Views: 1570

Re: Performance issues sending/receiving email

Also with the IIS solution, I'm guessing that a drop folder was used, not a SMTP connection +1 @martijng, do you authenticate the user that sends the mails or did you exclude that ip(range) from virus/spamchecks? if not. Unauthenticated mail is always checked for spam if not disabled by ip(range) s...
by RvdH
2020-06-10 09:44
Forum: General discussions
Topic: Performance issues sending/receiving email
Replies: 11
Views: 1570

Re: Performance issues sending/receiving email

As said, he only uses the hmailserver for sending out (and DKIM sign outgoing) e-mails, what this tells me he can basically use every (or at least plenty more) of the available system resources, I would suggest you increase Delivery threads to 100 or even more, 50000 mail are quite some mails, but y...
by RvdH
2020-06-09 19:25
Forum: General discussions
Topic: Slow Response on Local NIC
Replies: 13
Views: 1556

Re: Slow Response on Local NIC

Yes comparing 1 second to 0, in a single shot it seems little but in an average daily amount of 60 thousand the thing complicates That's just ridiculous...but if you really need to bring this down if i were you i would try to look for the cause on the client pc connecting, maybe a (real time) virus...
by RvdH
2020-06-09 19:01
Forum: General discussions
Topic: Slow Response on Local NIC
Replies: 13
Views: 1556

Re: Slow Response on Local NIC

extremely slow :?: We are talking about 1 second right? Yes comparing 1 second to 0, in a single shot it seems little but in an average daily amount of 60 thousand the thing complicates That's just ridiculous...but if you really need to bring this down if i were you i would try to look for the caus...