PMG 9.0.4 (and and previous)
Dear Community, dear Developers,
The Proxmox Mailgateway is a truly helpful and very stable piece of software. Unfortunately, the filters behave somewhat unexpectedly—or rather, they sometimes fail to filter what they are supposed to. And because this is not decreasing but actually increasing, I would like to describe the problem today:
Emails from senders or domains that repeatedly send spam are radically blocked in my PMG. Email addresses or domain entries are added to the relevant blocklist for this purpose. This works in many cases, but unfortunately not in all.
Even though the corresponding domain entries have been added, some spammers still manage to bypass the filter. I investigated this and suspected that sometimes (perhaps) addresses enclosed in single quotes or angle brackets get through.
Since I didn't want to create a blacklist entry for every variant (or for every subdomain), I ended up using regular expressions and even created a script to generate these (rather complex) entries. The results look something like this (for "domain.tld" including all subdomains):
These entries covered the most common variations, making the filter considerably more reliable—but unfortunately not 100%. This level of reliability was sufficient for several years, and with each new PMG version, there was renewed hope that the filter itself would improve. Instead, I occasionally had to modify my regular expression entries because they no longer worked in the new version (I didn't have to change anything in the latest version, PMG 9.0.4).
These entries covered the common variants, and the filter became significantly more reliable—but unfortunately not 100%. What always seemed to work was blocking individual email addresses directly via an email entry, without using regular expressions.
However, in the current version (PMG 9.0.4), I've noticed that even this filter is no longer reliable. Specifically, we have one address that, despite the filter, is NOT blocked (and no, the address isn't on any welcome list, neither centrally nor personally).
The address looks like this: "harry66666666@domain.tld" and bypasses the filter EVERY SINGLE TIME instead of being blocked just once. Even a regular expression like this didn't help:
And the sender isn't even a professional spammer using tricks, but simply an unwanted sender (a confused individual).
Therefore, I'd like to discuss this further and benefit from your experiences. I'd like to identify the causes in order to understand the situation and find a solution.
Thank you!
Regards, Yummiweb
Dear Community, dear Developers,
The Proxmox Mailgateway is a truly helpful and very stable piece of software. Unfortunately, the filters behave somewhat unexpectedly—or rather, they sometimes fail to filter what they are supposed to. And because this is not decreasing but actually increasing, I would like to describe the problem today:
Emails from senders or domains that repeatedly send spam are radically blocked in my PMG. Email addresses or domain entries are added to the relevant blocklist for this purpose. This works in many cases, but unfortunately not in all.
Even though the corresponding domain entries have been added, some spammers still manage to bypass the filter. I investigated this and suspected that sometimes (perhaps) addresses enclosed in single quotes or angle brackets get through.
Since I didn't want to create a blacklist entry for every variant (or for every subdomain), I ended up using regular expressions and even created a script to generate these (rather complex) entries. The results look something like this (for "domain.tld" including all subdomains):
(?i)((['<]+)?.*@.*domain.tld(['>]+)?)(\s*)$These entries covered the most common variations, making the filter considerably more reliable—but unfortunately not 100%. This level of reliability was sufficient for several years, and with each new PMG version, there was renewed hope that the filter itself would improve. Instead, I occasionally had to modify my regular expression entries because they no longer worked in the new version (I didn't have to change anything in the latest version, PMG 9.0.4).
These entries covered the common variants, and the filter became significantly more reliable—but unfortunately not 100%. What always seemed to work was blocking individual email addresses directly via an email entry, without using regular expressions.
However, in the current version (PMG 9.0.4), I've noticed that even this filter is no longer reliable. Specifically, we have one address that, despite the filter, is NOT blocked (and no, the address isn't on any welcome list, neither centrally nor personally).
The address looks like this: "harry66666666@domain.tld" and bypasses the filter EVERY SINGLE TIME instead of being blocked just once. Even a regular expression like this didn't help:
(?i)((['<]+)?harry66666666@domain.tld(['>]+)?)(\s*)$And the sender isn't even a professional spammer using tricks, but simply an unwanted sender (a confused individual).
Therefore, I'd like to discuss this further and benefit from your experiences. I'd like to identify the causes in order to understand the situation and find a solution.
Thank you!
Regards, Yummiweb
Last edited: