Help with configuration for SPAM mail detection

ArielVF

New Member
Jan 25, 2022
7
1
3
31
Hello, I am currently performing mail tests to verify the operation of PMG, however I have not had favorable results. There are SPAM emails that are letting them through and it is the email client that blocks them, for example if I send SPAM from a Cpanel email to a Gmail, Gmail detects it as SPAM not PMG.
Based on this, is there an optimal or recommended configuration to apply and perform tests?

Sorry for my English, I'ts not my native language.
 
have you setup DNSBL Sites under Configuration -> Mail Proxy?
And of course a mail filter rule to modify the subject to spam
 
Last edited:
have you setup DNSBL Sites under Configuration -> Mail Proxy?
And of course a mail filter rule to modify the subject to spam
First of all, thanks for reply.
Yes I do configured the DNSBL, but I don't know what do you mean by the mail filter rule, I'm currently using the default rules that PMG brings (attached photo). In the documentation (From I understood) the default configuration is enpugh for have satisfactory results or, am I missing something else to do?
 

Attachments

  • current_configuration.png
    current_configuration.png
    31.9 KB · Views: 80
Last edited:
Last edited:
I have followed the configurations, but the results are not good. I have a lot of undetected spam.
please share:
* the logs of a few mails (especially of ones that are undetected spam)
* the output of `pmgconfig dump`
* the output of `pmgdb dump`

else it's not really possible to see if something can be improved
 
Hi guys!

I also have problem blocking spam like this:

1645294370067.png
My Rule set look like:
1645294410705.png


The spam is all coming from O365. Attached pmgconfig-dumb.
pmgdb dump is hard to anonymize :-)

-----------------------------


The header of the mail shown this:
X-SPAM-LEVEL: Spam detection results: 0
DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid
DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature
HTML_MESSAGE 0.001 HTML included in message
KAM_GOOGLE_REDIR 0.5 Message contains a google URL redirector link
RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust
RCVD_IN_MSPIKE_H2 -0.001 Average reputation (+2)
SPF_HELO_PASS -0.001 SPF: HELO matches SPF record
SPF_PASS -0.001 SPF: sender matches SPF record
T_SCC_BODY_TEXT_LINE -0.01 -
URIBL_RED 0.001 Contains an URL listed in the URIBL redlist [desirablepopsys.com]
Return-Path: 183920488@s.iukl.edu.my

-----------------------------


Would be cool if anybody can help.
 

Attachments

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!