receiving Spam email not blocking proxmos
- Thread starter dhinilkv
- Start date
+++++++++++++++++++++
Apr 4 04:07:04 proxmox postfix/smtpd[6693]: connect from s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:04 proxmox postfix/smtpd[6693]: DA58E100A06: client=s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:05 proxmox postfix/cleanup[6697]: DA58E100A06: message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>
Apr 4 04:07:05 proxmox postfix/qmgr[1690]: DA58E100A06: from=<bounce-315655-11726-5568106-Lan=biN-dRAI.com@s4.csa2.acemsa5.com>, size=42206, nrcpt=1 (queue active)
Apr 4 04:07:05 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: new mail message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>#012
Apr 4 04:07:05 proxmox postfix/smtpd[6693]: disconnect from s4.csa2.acemsa2.com[52.128.40.18] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: SA score=0/5 time=3.150 bayes=undefined autolearn=ham autolearn_force=no hits=AWL(1.350),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),RCVD_IN_HOSTKARMA_W(-2.5),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001),T_KAM_HTML_FONT_INVALID(0.01)
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: B70E8101108: client=localhost.localdomain[127.0.0.1], orig_client=s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:08 proxmox postfix/cleanup[6697]: B70E8101108: message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: B70E8101108: from=<bounce-315655-11726-5568106-Lan=biN-dRAI.com@s4.csa2.acemsa5.com>, size=43370, nrcpt=1 (queue active)
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: accept mail to <Lan@biN-dRAI.com> (B70E8101108) (rule: default-accept)
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: processing time: 3.416 seconds (3.15, 0.144, 0)
Apr 4 04:07:08 proxmox postfix/lmtp[6698]: DA58E100A06: to=<Lan@biN-dRAI.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4, delays=0.49/0.02/0.05/3.4, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B6A295DB27))
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: DA58E100A06: removed
Apr 4 04:07:08 proxmox postfix/smtp[6704]: B70E8101108: to=<Lan@biN-dRAI.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.21, delays=0.05/0.02/0.04/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EAA406E00016)
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: B70E8101108: removed
+++++++++++++++++++++++++
++++++++++++++++++++++++
Apr 4 04:07:22 proxmox postfix/smtpd[6693]: connect from s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:23 proxmox postfix/smtpd[6693]: 37F14100A06: client=s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:23 proxmox postfix/cleanup[6697]: 37F14100A06: message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>
Apr 4 04:07:23 proxmox postfix/qmgr[1690]: 37F14100A06: from=<bounce-810134-2803-441680-lan=bin-drai.com@s2.csa2.acemsa5.com>, size=35854, nrcpt=1 (queue active)
Apr 4 04:07:23 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: new mail message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>#012
Apr 4 04:07:23 proxmox postfix/smtpd[6693]: disconnect from s3.csa1.acemsa5.com[192.92.97.104] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: SA score=0/5 time=2.004 bayes=undefined autolearn=ham autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_EF(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),KAM_HUGEIMGSRC(0.2),KAM_LOTSOFHASH(0.25),RCVD_IN_HOSTKARMA_W(-2.5),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001)
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: D3A9C101108: client=localhost.localdomain[127.0.0.1], orig_client=s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:25 proxmox postfix/cleanup[6697]: D3A9C101108: message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: D3A9C101108: from=<bounce-810134-2803-441680-lan=bin-drai.com@s2.csa2.acemsa5.com>, size=37010, nrcpt=1 (queue active)
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: accept mail to <lan@bin-drai.com> (D3A9C101108) (rule: default-accept)
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: processing time: 2.21 seconds (2.004, 0.12, 0)
Apr 4 04:07:25 proxmox postfix/lmtp[6698]: 37F14100A06: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.7, delays=0.45/0/0.04/2.2, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B6A3BACAD6))
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: 37F14100A06: removed
Apr 4 04:07:25 proxmox postfix/smtp[6704]: D3A9C101108: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.1, delays=0.05/0/0.01/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EA59B6E00016)
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: D3A9C101108: removed
++++++++++++++++++++++++++++
++++++++++++++++++++++++++++
Apr 4 04:36:33 proxmox postfix/smtpd[6933]: connect from o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:34 proxmox postfix/smtpd[6933]: ABDC2101084: client=o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:35 proxmox postfix/cleanup[6938]: ABDC2101084: message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>
Apr 4 04:36:35 proxmox postfix/qmgr[1690]: ABDC2101084: from=<bounces+26710755-993d-lan=bin-drai.com@mail.pipingrock.com>, size=63417, nrcpt=1 (queue active)
Apr 4 04:36:36 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: new mail message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>#012
Apr 4 04:36:36 proxmox postfix/smtpd[6933]: disconnect from o1653.mail.pipingrock.com[159.183.168.197] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: SA score=1/5 time=1.890 bayes=undefined autolearn=no autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),KAM_REALLYHUGEIMGSRC(0.5),SENDGRID_REDIR(1.067),SPF_HELO_NONE(0.001),SPF_PASS(-0.001)
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: 1A0BC101108: client=localhost.localdomain[127.0.0.1], orig_client=o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:38 proxmox postfix/cleanup[6938]: 1A0BC101108: message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: 1A0BC101108: from=<bounces+26710755-993d-lan=bin-drai.com@mail.pipingrock.com>, size=64254, nrcpt=1 (queue active)
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: accept mail to <lan@bin-drai.com> (1A0BC101108) (rule: default-accept)
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: processing time: 2.196 seconds (1.89, 0.162, 0)
Apr 4 04:36:38 proxmox postfix/lmtp[6939]: ABDC2101084: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4, delays=1.7/0.02/0.05/2.2, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B7113EB786))
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: ABDC2101084: removed
Apr 4 04:36:38 proxmox postfix/smtp[6945]: 1A0BC101108: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.23, delays=0.06/0.02/0.04/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4E54E6E00016)
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: 1A0BC101108: removed
++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++
Apr 4 05:19:03 proxmox postfix/smtpd[7315]: connect from mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:04 proxmox postfix/smtpd[7315]: 255921010EA: client=mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:04 proxmox postfix/cleanup[7318]: 255921010EA: message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>
Apr 4 05:19:05 proxmox postfix/qmgr[1690]: 255921010EA: from=<744909866-9965451-144@be6.maropost.com>, size=44055, nrcpt=1 (queue active)
Apr 4 05:19:05 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: new mail message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>#012
Apr 4 05:19:05 proxmox postfix/smtpd[7315]: disconnect from mta1.thetruthaboutcancer.net[162.247.113.141] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: SA score=0/5 time=1.495 bayes=undefined autolearn=no autolearn_force=no hits=AWL(-0.000),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_IMAGE_RATIO_06(0.001),HTML_MESSAGE(0.001),HTTPS_HTTP_MISMATCH(0.1),RCVD_IN_DNSWL_NONE(-0.0001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_KAM_HTML_FONT_INVALID(0.01)
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: connect from localhost.localdomain[127.0.0.1]
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: BA0DE10110A: client=localhost.localdomain[127.0.0.1], orig_client=mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:06 proxmox postfix/cleanup[7318]: BA0DE10110A: message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: BA0DE10110A: from=<744909866-9965451-144@be6.maropost.com>, size=45128, nrcpt=1 (queue active)
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: accept mail to <lan@bin-drai.com> (BA0DE10110A) (rule: default-accept)
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: processing time: 1.761 seconds (1.495, 0.142, 0)
Apr 4 05:19:06 proxmox postfix/lmtp[7319]: 255921010EA: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.4, delays=1.6/0/0.04/1.8, dsn=2.5.0, status=sent (250 2.5.0 OK (101101642B7B090BB66))
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: 255921010EA: removed
Apr 4 05:19:06 proxmox postfix/smtp[7337]: BA0DE10110A: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.22, delays=0.05/0.03/0.04/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EE2826E00016)
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: BA0DE10110A: removed
++++++++++++++++++++++++++++++++++++
Apr 4 04:07:04 proxmox postfix/smtpd[6693]: connect from s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:04 proxmox postfix/smtpd[6693]: DA58E100A06: client=s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:05 proxmox postfix/cleanup[6697]: DA58E100A06: message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>
Apr 4 04:07:05 proxmox postfix/qmgr[1690]: DA58E100A06: from=<bounce-315655-11726-5568106-Lan=biN-dRAI.com@s4.csa2.acemsa5.com>, size=42206, nrcpt=1 (queue active)
Apr 4 04:07:05 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: new mail message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>#012
Apr 4 04:07:05 proxmox postfix/smtpd[6693]: disconnect from s4.csa2.acemsa2.com[52.128.40.18] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: SA score=0/5 time=3.150 bayes=undefined autolearn=ham autolearn_force=no hits=AWL(1.350),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),RCVD_IN_HOSTKARMA_W(-2.5),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001),T_KAM_HTML_FONT_INVALID(0.01)
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: B70E8101108: client=localhost.localdomain[127.0.0.1], orig_client=s4.csa2.acemsa2.com[52.128.40.18]
Apr 4 04:07:08 proxmox postfix/cleanup[6697]: B70E8101108: message-id=<20230404000657.26667.1783965210.swift@hashtagtreinamentos.activehosted.com>
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: B70E8101108: from=<bounce-315655-11726-5568106-Lan=biN-dRAI.com@s4.csa2.acemsa5.com>, size=43370, nrcpt=1 (queue active)
Apr 4 04:07:08 proxmox postfix/smtpd[6703]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: accept mail to <Lan@biN-dRAI.com> (B70E8101108) (rule: default-accept)
Apr 4 04:07:08 proxmox pmg-smtp-filter[6345]: 1010EB642B6A295DB27: processing time: 3.416 seconds (3.15, 0.144, 0)
Apr 4 04:07:08 proxmox postfix/lmtp[6698]: DA58E100A06: to=<Lan@biN-dRAI.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4, delays=0.49/0.02/0.05/3.4, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B6A295DB27))
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: DA58E100A06: removed
Apr 4 04:07:08 proxmox postfix/smtp[6704]: B70E8101108: to=<Lan@biN-dRAI.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.21, delays=0.05/0.02/0.04/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EAA406E00016)
Apr 4 04:07:08 proxmox postfix/qmgr[1690]: B70E8101108: removed
+++++++++++++++++++++++++
++++++++++++++++++++++++
Apr 4 04:07:22 proxmox postfix/smtpd[6693]: connect from s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:23 proxmox postfix/smtpd[6693]: 37F14100A06: client=s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:23 proxmox postfix/cleanup[6697]: 37F14100A06: message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>
Apr 4 04:07:23 proxmox postfix/qmgr[1690]: 37F14100A06: from=<bounce-810134-2803-441680-lan=bin-drai.com@s2.csa2.acemsa5.com>, size=35854, nrcpt=1 (queue active)
Apr 4 04:07:23 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: new mail message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>#012
Apr 4 04:07:23 proxmox postfix/smtpd[6693]: disconnect from s3.csa1.acemsa5.com[192.92.97.104] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: SA score=0/5 time=2.004 bayes=undefined autolearn=ham autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_EF(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),KAM_HUGEIMGSRC(0.2),KAM_LOTSOFHASH(0.25),RCVD_IN_HOSTKARMA_W(-2.5),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001)
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: D3A9C101108: client=localhost.localdomain[127.0.0.1], orig_client=s3.csa1.acemsa5.com[192.92.97.104]
Apr 4 04:07:25 proxmox postfix/cleanup[6697]: D3A9C101108: message-id=<20230404000716.19389.662678607.swift@email.nordgreen.com>
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: D3A9C101108: from=<bounce-810134-2803-441680-lan=bin-drai.com@s2.csa2.acemsa5.com>, size=37010, nrcpt=1 (queue active)
Apr 4 04:07:25 proxmox postfix/smtpd[6703]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: accept mail to <lan@bin-drai.com> (D3A9C101108) (rule: default-accept)
Apr 4 04:07:25 proxmox pmg-smtp-filter[6345]: 1010EB642B6A3BACAD6: processing time: 2.21 seconds (2.004, 0.12, 0)
Apr 4 04:07:25 proxmox postfix/lmtp[6698]: 37F14100A06: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.7, delays=0.45/0/0.04/2.2, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B6A3BACAD6))
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: 37F14100A06: removed
Apr 4 04:07:25 proxmox postfix/smtp[6704]: D3A9C101108: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.1, delays=0.05/0/0.01/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EA59B6E00016)
Apr 4 04:07:25 proxmox postfix/qmgr[1690]: D3A9C101108: removed
++++++++++++++++++++++++++++
++++++++++++++++++++++++++++
Apr 4 04:36:33 proxmox postfix/smtpd[6933]: connect from o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:34 proxmox postfix/smtpd[6933]: ABDC2101084: client=o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:35 proxmox postfix/cleanup[6938]: ABDC2101084: message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>
Apr 4 04:36:35 proxmox postfix/qmgr[1690]: ABDC2101084: from=<bounces+26710755-993d-lan=bin-drai.com@mail.pipingrock.com>, size=63417, nrcpt=1 (queue active)
Apr 4 04:36:36 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: new mail message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>#012
Apr 4 04:36:36 proxmox postfix/smtpd[6933]: disconnect from o1653.mail.pipingrock.com[159.183.168.197] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: SA score=1/5 time=1.890 bayes=undefined autolearn=no autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),HTML_FONT_LOW_CONTRAST(0.001),HTML_MESSAGE(0.001),KAM_REALLYHUGEIMGSRC(0.5),SENDGRID_REDIR(1.067),SPF_HELO_NONE(0.001),SPF_PASS(-0.001)
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: connect from localhost.localdomain[127.0.0.1]
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: 1A0BC101108: client=localhost.localdomain[127.0.0.1], orig_client=o1653.mail.pipingrock.com[159.183.168.197]
Apr 4 04:36:38 proxmox postfix/cleanup[6938]: 1A0BC101108: message-id=<_oqH0VgZRdC6ACBXYApjfQ@geopod-ismtpd-20>
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: 1A0BC101108: from=<bounces+26710755-993d-lan=bin-drai.com@mail.pipingrock.com>, size=64254, nrcpt=1 (queue active)
Apr 4 04:36:38 proxmox postfix/smtpd[6944]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: accept mail to <lan@bin-drai.com> (1A0BC101108) (rule: default-accept)
Apr 4 04:36:38 proxmox pmg-smtp-filter[6437]: 1010EB642B7113EB786: processing time: 2.196 seconds (1.89, 0.162, 0)
Apr 4 04:36:38 proxmox postfix/lmtp[6939]: ABDC2101084: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4, delays=1.7/0.02/0.05/2.2, dsn=2.5.0, status=sent (250 2.5.0 OK (1010EB642B7113EB786))
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: ABDC2101084: removed
Apr 4 04:36:38 proxmox postfix/smtp[6945]: 1A0BC101108: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.23, delays=0.06/0.02/0.04/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4E54E6E00016)
Apr 4 04:36:38 proxmox postfix/qmgr[1690]: 1A0BC101108: removed
++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++
Apr 4 05:19:03 proxmox postfix/smtpd[7315]: connect from mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:04 proxmox postfix/smtpd[7315]: 255921010EA: client=mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:04 proxmox postfix/cleanup[7318]: 255921010EA: message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>
Apr 4 05:19:05 proxmox postfix/qmgr[1690]: 255921010EA: from=<744909866-9965451-144@be6.maropost.com>, size=44055, nrcpt=1 (queue active)
Apr 4 05:19:05 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: new mail message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>#012
Apr 4 05:19:05 proxmox postfix/smtpd[7315]: disconnect from mta1.thetruthaboutcancer.net[162.247.113.141] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: SA score=0/5 time=1.495 bayes=undefined autolearn=no autolearn_force=no hits=AWL(-0.000),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),HEADER_FROM_DIFFERENT_DOMAINS(0.25),HTML_IMAGE_RATIO_06(0.001),HTML_MESSAGE(0.001),HTTPS_HTTP_MISMATCH(0.1),RCVD_IN_DNSWL_NONE(-0.0001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_KAM_HTML_FONT_INVALID(0.01)
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: connect from localhost.localdomain[127.0.0.1]
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: BA0DE10110A: client=localhost.localdomain[127.0.0.1], orig_client=mta1.thetruthaboutcancer.net[162.247.113.141]
Apr 4 05:19:06 proxmox postfix/cleanup[7318]: BA0DE10110A: message-id=<912ca9d0-b4b4-013b-e713-42010a800111@thetruthaboutcancer.net>
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: BA0DE10110A: from=<744909866-9965451-144@be6.maropost.com>, size=45128, nrcpt=1 (queue active)
Apr 4 05:19:06 proxmox postfix/smtpd[7336]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: accept mail to <lan@bin-drai.com> (BA0DE10110A) (rule: default-accept)
Apr 4 05:19:06 proxmox pmg-smtp-filter[6949]: 101101642B7B090BB66: processing time: 1.761 seconds (1.495, 0.142, 0)
Apr 4 05:19:06 proxmox postfix/lmtp[7319]: 255921010EA: to=<lan@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.4, delays=1.6/0/0.04/1.8, dsn=2.5.0, status=sent (250 2.5.0 OK (101101642B7B090BB66))
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: 255921010EA: removed
Apr 4 05:19:06 proxmox postfix/smtp[7337]: BA0DE10110A: to=<lan@bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.22, delays=0.05/0.03/0.04/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EE2826E00016)
Apr 4 05:19:06 proxmox postfix/qmgr[1690]: BA0DE10110A: removed
++++++++++++++++++++++++++++++++++++
did you already see/do the "improving spam detection" part of https://pmg.proxmox.com/wiki/index.php/Getting_started_with_Proxmox_Mail_Gateway ?
especially the rbls are a big help with spam detection
especially the rbls are a big help with spam detection
can you provide the tweaking setting I need to update urgently, Because the customer is facing very huge number of incoming spamming.
Aslo if possible most of the email address source email address contain = symbol
How to block the email address with = symbol
Aslo if possible most of the email address source email address contain = symbol
| bounce-315655-11726-5568106-Lan=biN-dRAI.com@s4.csa2.acemsa5.com | L |
How to block the email address with = symbol
hi, the steps for configuring the RBL is documented in the link i posted.
for the rule system, check out the documentation: https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#chapter_mailfilter
for the rule system, check out the documentation: https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#chapter_mailfilter
what do you mean exactly? do you want to know if the regex '.*=.*' matches emails with a '=' in them? if you mean that, then yes
a basic introduction to regexes (and more external information) is also found in the docs: https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmg_mailfilter_regex
a basic introduction to regexes (and more external information) is also found in the docs: https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmg_mailfilter_regex
I am able to block email id with = symbol Thanks. But now I am receiving email address with from empty. How to block this.
Apr 5 15:01:45 proxmox postfix/smtpd[181976]: connect from nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:46 proxmox postfix/smtpd[181976]: 3613F101508: client=nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:46 proxmox postfix/cleanup[181843]: 3613F101508: message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>
Apr 5 15:01:46 proxmox postfix/qmgr[181707]: 3613F101508: from=<>, size=4433, nrcpt=1 (queue active)
Apr 5 15:01:46 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: new mail message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>#012
Apr 5 15:01:47 proxmox postfix/smtpd[181976]: disconnect from nb24.servidoraweb.net[167.250.5.24] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: SA score=0/5 time=1.798 bayes=undefined autolearn=no autolearn_force=no hits=HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),MPART_ALT_DIFF(0.724),SPF_HELO_NONE(0.001)
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: connect from localhost.localdomain[127.0.0.1]
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: 8DB52101522: client=localhost.localdomain[127.0.0.1], orig_client=nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:48 proxmox postfix/cleanup[181845]: 8DB52101522: message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 8DB52101522: from=<>, size=4960, nrcpt=1 (queue active)
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: accept mail to <LaN@bIn-dRAi.COm> (8DB52101522) (rule: default-accept)
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: processing time: 2.003 seconds (1.798, 0.101, 0)
Apr 5 15:01:48 proxmox postfix/lmtp[181827]: 3613F101508: to=<LaN@bIn-dRAi.COm>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.4, delays=0.38/0/0.04/2, dsn=2.5.0, status=sent (250 2.5.0 OK (101521642D551A9920B))
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 3613F101508: removed
Apr 5 15:01:48 proxmox postfix/smtp[181847]: 8DB52101522: to=<LaN@bIn-dRAi.COm>, relay=192.168.2.1[192.168.2.1]:25, delay=0.09, delays=0.05/0/0.01/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as A44E36E00993)
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 8DB52101522: removed
Apr 5 15:01:45 proxmox postfix/smtpd[181976]: connect from nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:46 proxmox postfix/smtpd[181976]: 3613F101508: client=nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:46 proxmox postfix/cleanup[181843]: 3613F101508: message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>
Apr 5 15:01:46 proxmox postfix/qmgr[181707]: 3613F101508: from=<>, size=4433, nrcpt=1 (queue active)
Apr 5 15:01:46 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: new mail message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>#012
Apr 5 15:01:47 proxmox postfix/smtpd[181976]: disconnect from nb24.servidoraweb.net[167.250.5.24] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: SA score=0/5 time=1.798 bayes=undefined autolearn=no autolearn_force=no hits=HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),MPART_ALT_DIFF(0.724),SPF_HELO_NONE(0.001)
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: connect from localhost.localdomain[127.0.0.1]
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: 8DB52101522: client=localhost.localdomain[127.0.0.1], orig_client=nb24.servidoraweb.net[167.250.5.24]
Apr 5 15:01:48 proxmox postfix/cleanup[181845]: 8DB52101522: message-id=<E1pk0c9-0000jS-1l@ramses.servidoraweb.net>
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 8DB52101522: from=<>, size=4960, nrcpt=1 (queue active)
Apr 5 15:01:48 proxmox postfix/smtpd[181841]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: accept mail to <LaN@bIn-dRAi.COm> (8DB52101522) (rule: default-accept)
Apr 5 15:01:48 proxmox pmg-smtp-filter[182077]: 101521642D551A9920B: processing time: 2.003 seconds (1.798, 0.101, 0)
Apr 5 15:01:48 proxmox postfix/lmtp[181827]: 3613F101508: to=<LaN@bIn-dRAi.COm>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.4, delays=0.38/0/0.04/2, dsn=2.5.0, status=sent (250 2.5.0 OK (101521642D551A9920B))
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 3613F101508: removed
Apr 5 15:01:48 proxmox postfix/smtp[181847]: 8DB52101522: to=<LaN@bIn-dRAi.COm>, relay=192.168.2.1[192.168.2.1]:25, delay=0.09, delays=0.05/0/0.01/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as A44E36E00993)
Apr 5 15:01:48 proxmox postfix/qmgr[181707]: 8DB52101522: removed
Attachments
if I set backscatter score to 1 did it block the bounce back message , right now I have set it to 1.
Is there any other option we can set to disable bounce back messages from proxmox as this also cause server to send too much email like bounce back attack
Is there any other option we can set to disable bounce back messages from proxmox as this also cause server to send too much email like bounce back attack
Also Most of the Email are send as Capital letter or mixed with small and capital. Is there any way proxmox can block capital letter in To.
Like LAN@bin-drai.com, Lan@bin-drai.com need to block this kind of emails. Only allow lan@bin-drai.com in To section
Like LAN@bin-drai.com, Lan@bin-drai.com need to block this kind of emails. Only allow lan@bin-drai.com in To section
i'd advise against trying to filter like this, because you very likely will block many legitimate mails also e.g. "Firstname.Lastname@domain.com" etc.
i don't completely understand what you're saying here, do you mean pmg sends too many bounces out?
did you already setup the rbls ?
what do you mean with 'for specific account', if you want to have rules only for a specific receiver email, you have to define the 'to' who object in those rules
Specific account means Suppose if I block email contain + sign using regular expression. It will block it for all email which recieved to the proxmos right. Suppose I need to apply this rule only for account lan@bin-drai.com. I need to block email with + sign in from address to the email id lan@bin-drai.com only.
In Who Objects I cannot See To Option. can you provide the correct steps to do the same.
In Who Objects I cannot See To Option. can you provide the correct steps to do the same.
that is the interface to edit the objects (in your case the 'blacklist' object)
after you created a who object with the proper setings, you have to add it to a rule
see https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#chapter_mailfilter for details
after you created a who object with the proper setings, you have to add it to a rule
see https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#chapter_mailfilter for details
I added Blacklist to To, But I cannot see any option to put the To Email address.
Where should I put my to address lan@bin-drai.com
Where should I put my to address lan@bin-drai.com