[SOLVED] Spam to unknown recipients

justthenextadmin

New Member
Jul 20, 2024
Hello everyone,

I have recently integrated Proxmox Mail Gateway into my infrastructure. It acts as a mail gateway in front of my Exchange server.
After a few adjustments regarding DNSBLs and my own dedicated recursive DNS server, everything is working quite well.

But I still have a problem:

I get quite a lot of spam, which is delivered to various user mailboxes, but which is not addressed to these users themselves.
It's not even a configured domain.



I have attached a picture as an example. Here, this mail is delivered to the mailbox ‘user1@mydomain.com’, which is addressed to a domain unknown to me (here: ‘post@drwortberg.de’).
[Attachment: example.PNG]



However, I have set the following in the options for the mail proxy:

Verify Receivers: Yes (550)
Reject Unknown Clients: Yes


What am I doing wrong? Am I missing something here? How can I switch this off?




Thank you very much and best regards.



I have also attached the headers of the mail from the example below:
Code:
Received: from EXCHANGE-01.mydomain.local (192.168.1.10) by
 EXCHANGE-01.mydomain.local (192.168.1.10) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1748.10 via Mailbox Transport; Thu, 13 Mar 2025 15:01:19 +0100
Received: from EXCHANGE-01.mydomain.local (192.168.1.10) by
 EXCHANGE-01.mydomain.local (192.168.1.10) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1748.10; Thu, 13 Mar 2025 15:01:18 +0100
Received: from mx0.mydomain.com (192.168.1.20) by EXCHANGE-01.mydomain.local
 (192.168.1.10) with Microsoft SMTP Server id 15.2.1748.10 via Frontend
 Transport; Thu, 13 Mar 2025 15:01:18 +0100
Received: from mx0.mydomain.com (localhost.localdomain [127.0.0.1])
    by mx0.mydomain.com (Proxmox) with ESMTP id 86C1B141736
    for <user1@mydomain.com>; Thu, 13 Mar 2025 15:01:18 +0100 (CET)
Received-SPF: pass (winzerser.eu: 85.234.100.141 is authorized to use 'yxfyjzj@winzerser.eu' in 'mfrom' identity (mechanism 'mx' matched)) receiver=mx0.mydomain.com; identity=mailfrom; envelope-from="yxfyjzj@winzerser.eu"; helo=mx.eos.kustanai.su; client-ip=85.234.100.141
Received: from mx.eos.kustanai.su (mx.eos.kustanai.su [85.234.100.141])
    by mx0.mydomain.com (Proxmox) with ESMTP id E5E0514143F
    for <user1@mydomain.com>; Thu, 13 Mar 2025 15:01:12 +0100 (CET)
Received: from winzerser.eu (ocolas.click [5.152.210.183])
    by mx.eos.kustanai.su (Postfix) with ESMTPA id A734C260B5C;
    Thu, 13 Mar 2025 14:38:24 +0200 (EET)
Message-ID: <60356385S51556553U66888607S62265272E@idyxfyjzj>
From: Emura Non-Stick <yxfyjzj@winzerser.eu>
To: <post@drwortberg.de>
Subject: [EXTERN] Innovative PEEK Antihaftbeschichtung
Date: Thu, 13 Mar 2025 14:38:26 +0200
MIME-Version: 1.0
Content-Type: multipart/related; type="multipart/alternative";
    boundary="----=_NextPart_000_0006_01DB9423.9ED0C590"
X-SPAM-LEVEL: Spam detection results:  1
    DMARC_MISSING             0.1 Missing DMARC policy
    HTML_IMAGE_ONLY_12      1.629 HTML: images with 800-1200 bytes of words
    HTML_IMAGE_RATIO_02     0.001 HTML has a low ratio of text to image area
    HTML_MESSAGE            0.001 HTML included in message
    KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
    SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
    SPF_PASS               -0.001 SPF: sender matches SPF record
    T_TVD_MIME_EPI           0.01 -
Return-Path: yxfyjzj@winzerser.eu
X-MS-Exchange-Organization-Network-Message-Id: 6f0a5178-b113-42ef-89b9-08dd6237872a
X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
X-MS-Exchange-Organization-AuthSource: EXCHANGE-01.mydomain.local
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.3321393
X-MS-Exchange-Processed-By-BccFoldering: 15.02.1748.010


I have also attached the log data from the Proxmox Mail Gateway tracking centre:
Code:
2025-03-13T15:01:12.598106+01:00 mx0 postfix/smtpd[783686]: connect from mx.eos.kustanai.su[85.234.100.141]
2025-03-13T15:01:12.941750+01:00 mx0 postfix/smtpd[783686]: E5E0514143F: client=mx.eos.kustanai.su[85.234.100.141]
2025-03-13T15:01:12.959268+01:00 mx0 postfix/cleanup[783691]: E5E0514143F: message-id=<60356385S51556553U66888607S62265272E@idyxfyjzj>
2025-03-13T15:01:13.008750+01:00 mx0 postfix/qmgr[647681]: E5E0514143F: from=<yxfyjzj@winzerser.eu>, size=120071, nrcpt=1 (queue active)
2025-03-13T15:01:13.008941+01:00 mx0 postfix/smtpd[783686]: disconnect from mx.eos.kustanai.su[85.234.100.141] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
2025-03-13T15:01:13.066259+01:00 mx0 pmg-smtp-filter[782697]: 14173067D2E5290CCDE: new mail message-id=<60356385S51556553U66888607S62265272E@idyxfyjzj>#012
2025-03-13T15:01:18.523890+01:00 mx0 pmg-smtp-filter[782697]: 14173067D2E5290CCDE: SA score=1/5 time=5.249 bayes=undefined autolearn=disabled hits=DMARC_MISSING(0.1),HTML_IMAGE_ONLY_12(1.629),HTML_IMAGE_RATIO_02(0.001),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_TVD_MIME_EPI(0.01)
2025-03-13T15:01:18.550464+01:00 mx0 postfix/smtpd[783700]: connect from localhost.localdomain[127.0.0.1]
2025-03-13T15:01:18.552108+01:00 mx0 postfix/smtpd[783700]: 86C1B141736: client=localhost.localdomain[127.0.0.1], orig_client=mx.eos.kustanai.su[85.234.100.141]
2025-03-13T15:01:18.555888+01:00 mx0 postfix/cleanup[783691]: 86C1B141736: message-id=<60356385S51556553U66888607S62265272E@idyxfyjzj>
2025-03-13T15:01:18.601328+01:00 mx0 postfix/qmgr[647681]: 86C1B141736: from=<yxfyjzj@winzerser.eu>, size=120820, nrcpt=1 (queue active)
2025-03-13T15:01:18.601462+01:00 mx0 postfix/smtpd[783700]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
2025-03-13T15:01:18.601582+01:00 mx0 pmg-smtp-filter[782697]: 14173067D2E5290CCDE: accept mail to <user1@mydomain.com> (86C1B141736) (rule: default-accept)
2025-03-13T15:01:18.604739+01:00 mx0 pmg-smtp-filter[782697]: 14173067D2E5290CCDE: processing time: 5.547 seconds (5.249, 0.204, 0)
2025-03-13T15:01:18.605227+01:00 mx0 postfix/lmtp[783692]: E5E0514143F: to=<user1@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=6, delays=0.37/0/0.04/5.6, dsn=2.5.0, status=sent (250 2.5.0 OK (14173067D2E5290CCDE))
2025-03-13T15:01:18.607730+01:00 mx0 postfix/qmgr[647681]: E5E0514143F: removed
2025-03-13T15:01:18.813264+01:00 mx0 postfix/smtp[783701]: 86C1B141736: to=<user1@mydomain.com>, relay=EXCHANGE-01.mydomain.local[192.168.1.10]:25, delay=0.26, delays=0.05/0/0.09/0.12, dsn=2.6.0, status=sent (250 2.6.0 <60356385S51556553U66888607S62265272E@idyxfyjzj> [InternalId=205084688384001, Hostname=EXCHANGE-01.mydomain.local] 121993 bytes in 0.108, 1101,999 KB/sec Queued mail for delivery)
2025-03-13T15:01:18.813731+01:00 mx0 postfix/qmgr[647681]: 86C1B141736: removed
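The headers and log lines in the post above show two different "recipients": the SMTP envelope recipient (the RCPT TO address, recorded in the `for <...>` clause of the Proxmox Received headers and in Postfix's `to=<...>` log field) and the address in the To: header, which is message content. Postfix-style recipient verification, including PMG's Verify Receivers, checks the envelope recipient only. The following Python script is an added example, not code from the post or from Proxmox Mail Gateway; it parses an abbreviated copy of the quoted headers and log lines, separates the two kinds of recipient, and mimics an envelope-based recipient check against an assumed set of valid mailboxes (`VALID_MAILBOXES` is a stand-in for whatever directory the gateway would consult).

```python
"""Envelope recipient vs. header To: for the message quoted in the post.

Added example. It is not code from the post or from Proxmox Mail Gateway.
VALID_MAILBOXES is an assumption standing in for the mailbox directory an
envelope-based recipient check (Verify Receivers, LDAP verification) consults.
"""
import email
import re
from email.utils import getaddresses

# Headers quoted from the post, abbreviated to the parts used here
HEADERS = """\
Received: from mx0.mydomain.com (192.168.1.20) by EXCHANGE-01.mydomain.local
 (192.168.1.10) with Microsoft SMTP Server id 15.2.1748.10 via Frontend
 Transport; Thu, 13 Mar 2025 15:01:18 +0100
Received: from mx0.mydomain.com (localhost.localdomain [127.0.0.1])
    by mx0.mydomain.com (Proxmox) with ESMTP id 86C1B141736
    for <user1@mydomain.com>; Thu, 13 Mar 2025 15:01:18 +0100 (CET)
Received: from mx.eos.kustanai.su (mx.eos.kustanai.su [85.234.100.141])
    by mx0.mydomain.com (Proxmox) with ESMTP id E5E0514143F
    for <user1@mydomain.com>; Thu, 13 Mar 2025 15:01:12 +0100 (CET)
From: Emura Non-Stick <yxfyjzj@winzerser.eu>
To: <post@drwortberg.de>
Subject: [EXTERN] Innovative PEEK Antihaftbeschichtung
Return-Path: yxfyjzj@winzerser.eu

"""

# Tracking-centre lines quoted from the post, abbreviated
LOG_LINES = [
    "2025-03-13T15:01:13.008750+01:00 mx0 postfix/qmgr[647681]: E5E0514143F: "
    "from=<yxfyjzj@winzerser.eu>, size=120071, nrcpt=1 (queue active)",
    "2025-03-13T15:01:18.605227+01:00 mx0 postfix/lmtp[783692]: E5E0514143F: "
    "to=<user1@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, dsn=2.5.0, status=sent",
    "2025-03-13T15:01:18.813264+01:00 mx0 postfix/smtp[783701]: 86C1B141736: "
    "to=<user1@mydomain.com>, relay=EXCHANGE-01.mydomain.local[192.168.1.10]:25, status=sent",
]

# Assumption: the mailboxes the gateway's recipient check would accept
VALID_MAILBOXES = {"user1@mydomain.com"}

RECEIVED_FOR = re.compile(r"\bfor\s+<([^>]+)>")
LOG_TO = re.compile(r"\bto=<([^>]+)>")


def envelope_recipients_from_headers(raw_headers):
    """RCPT TO addresses recorded in the 'for <...>' clause of Received headers.
    Only hops that log the envelope recipient (here the Proxmox hops) contribute."""
    msg = email.message_from_string(raw_headers)
    found = set()
    for received in msg.get_all("Received", []):
        found.update(addr.lower() for addr in RECEIVED_FOR.findall(received))
    return found


def envelope_recipients_from_log(lines):
    """RCPT TO addresses as Postfix logs them in the to=<...> field."""
    found = set()
    for line in lines:
        m = LOG_TO.search(line)
        if m:
            found.add(m.group(1).lower())
    return found


def header_recipients(raw_headers):
    """Addresses in the To:/Cc: headers. These are content, not envelope."""
    msg = email.message_from_string(raw_headers)
    pairs = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return {addr.lower() for _, addr in pairs if addr}


def recipient_check_rejects(envelope, valid):
    """Mimics an envelope-based recipient check: reject only if a RCPT TO is unknown."""
    return any(rcpt not in valid for rcpt in envelope)


def analyse(raw_headers, lines, valid):
    """Summarise both recipient views and what an envelope check would do."""
    envelope = envelope_recipients_from_headers(raw_headers) | envelope_recipients_from_log(lines)
    visible = header_recipients(raw_headers)
    return {
        "envelope": envelope,
        "header": visible,
        "rejected_by_recipient_check": recipient_check_rejects(envelope, valid),
        "envelope_absent_from_to_cc": not (envelope & visible),
    }


if __name__ == "__main__":
    for key, value in analyse(HEADERS, LOG_LINES, VALID_MAILBOXES).items():
        print(f"{key}: {value}")
```

Run on the quoted message, the envelope recipient is user1@mydomain.com, which is a valid mailbox, so an envelope-based check has nothing to reject, while the To: header names post@drwortberg.de. The "envelope address missing from To:/Cc:" condition is a useful scoring signal, but legitimate Bcc and mailing-list traffic produces the same pattern, so it belongs in content scoring rather than in a hard reject.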
Hello,

I've done a bit more research on the forum and on the internet.


The SMTP Verify Receivers option should normally work when active.
Apparently, however, a hub transport must be created for Exchange (possibly additionally) and integrated into PMG/Postfix.
‘Anonymous users’ must then be authorised on this hub transport.
However, I have not been able to get the integration on the PMG to work properly here.

Source Serverfault:
https://serverfault.com/questions/772034/how-do-i-enable-recipient-verification-in-exchange
https://serverfault.com/questions/493261/exchange-2013-recipient-filtering-reject-after-rcpt-to



The alternative is probably verification via LDAP.
This is the better choice for me, as the LDAP users for the quarantine already exist anyway.
I have set this up accordingly.

Source:
https://dhenandi.com/prevent-spam-email-using-ldap-verification-on-proxmox-mail-gateway/


I also added custom scores for the following SpamAssassin rules (via the PMG GUI as described in the manual):
HTML_IMAGE_ONLY_04 2.990
HTML_IMAGE_ONLY_08 2.990
HTML_IMAGE_ONLY_12 2.990
HTML_IMAGE_ONLY_16 2.990
HTML_IMAGE_ONLY_20 2.990
HTML_IMAGE_ONLY_24 2.990
HTML_IMAGE_ONLY_28 2.990
HTML_IMAGE_ONLY_32 2.990

(from a score of 3, the spam quarantine takes effect)



I'll now see how the whole thing turns out and how far I can get with this.

Thanks anyway and best regards.
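To see what the custom scores in the post above do to the quoted message, the following Python script is an added example, not code from the post or from Proxmox Mail Gateway. It parses the `hits=` field of the `pmg-smtp-filter` log line from the first post, recomputes the SpamAssassin total with the HTML_IMAGE_ONLY_* overrides applied, and compares the result against the quarantine threshold of 3 stated in the post. The threshold value and the way the override is applied (replacing the rule's default score) are taken from the post; everything else is this example's own logic.

```python
"""Recompute a SpamAssassin score after custom rule scores are applied.

Added example, not code from the post or from Proxmox Mail Gateway.
The log line and the custom scores are the ones quoted in the thread.
"""
import re
from decimal import Decimal

# pmg-smtp-filter line quoted from the first post's tracking-centre log
LOG_LINE = (
    "2025-03-13T15:01:18.523890+01:00 mx0 pmg-smtp-filter[782697]: 14173067D2E5290CCDE: "
    "SA score=1/5 time=5.249 bayes=undefined autolearn=disabled "
    "hits=DMARC_MISSING(0.1),HTML_IMAGE_ONLY_12(1.629),HTML_IMAGE_RATIO_02(0.001),"
    "HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),"
    "T_TVD_MIME_EPI(0.01)"
)

# Custom scores from the second post: HTML_IMAGE_ONLY_04 ... HTML_IMAGE_ONLY_32, all 2.990
CUSTOM_SCORES = {f"HTML_IMAGE_ONLY_{n:02d}": Decimal("2.990") for n in range(4, 33, 4)}

# "from a score of 3, the spam quarantine takes effect"
QUARANTINE_THRESHOLD = Decimal("3")

HITS_FIELD = re.compile(r"\bhits=(\S+)")
ONE_HIT = re.compile(r"([A-Z0-9_]+)\((-?[0-9.]+)\)")


def parse_hits(line):
    """Return {rule_name: score} from the hits=... field of a pmg-smtp-filter line."""
    m = HITS_FIELD.search(line)
    if not m:
        return {}
    # Decimal keeps the sums exact; float would give 1.7510000000000001-style noise
    return {name: Decimal(score) for name, score in ONE_HIT.findall(m.group(1))}


def rescore(hits, overrides):
    """Total score with overridden rule scores substituted for the logged ones.
    Rules that did not fire contribute nothing, even if they have an override."""
    return sum((overrides.get(name, score) for name, score in hits.items()), Decimal("0"))


def quarantined(score, threshold=QUARANTINE_THRESHOLD):
    """PMG's quarantine decision as described in the post: score at or above threshold."""
    return score >= threshold


def compare(line, overrides, threshold=QUARANTINE_THRESHOLD):
    """Before/after view for one log line."""
    hits = parse_hits(line)
    before = rescore(hits, {})
    after = rescore(hits, overrides)
    return {
        "hits": hits,
        "score_before": before,
        "score_after": after,
        "quarantined_before": quarantined(before, threshold),
        "quarantined_after": quarantined(after, threshold),
    }


if __name__ == "__main__":
    result = compare(LOG_LINE, CUSTOM_SCORES)
    for key, value in result.items():
        print(f"{key}: {value}")
```

For the quoted message the logged rules add up to 1.751 (the log prints the rounded value, 1); replacing HTML_IMAGE_ONLY_12's 1.629 with 2.990 lifts the total to 3.112, which crosses the quarantine threshold of 3. Because every HTML_IMAGE_ONLY_* rule now carries almost the whole threshold on its own, image-only newsletters from legitimate senders will land in quarantine too, so it is worth reviewing the `hits=` field of quarantined mail for a while before treating the change as final.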