How to lock emails from unknown

Hi there, I received an email which looks like it has been sent from my own account to myself.
I'm wondering if there's any solution to block it on PMG?

Here is the log (I replaced my domain and IP)
Code:
2024-06-27T13:13:20.340929+02:00 pmg postfix/smtpd[1034154]: connect from unknown[5.29.32.109]
2024-06-27T13:13:20.930323+02:00 pmg postfix/smtpd[1034154]: E3140240CA1: client=unknown[5.29.32.109]
2024-06-27T13:13:21.059383+02:00 pmg postfix/cleanup[1033993]: E3140240CA1: message-id=<003501dac89c$02ab833e$b9aa7390$@email.com>
2024-06-27T13:13:21.282115+02:00 pmg postfix/qmgr[881223]: E3140240CA1: from=<my@email.com>, size=11661, nrcpt=1 (queue active)
2024-06-27T13:13:21.334187+02:00 pmg pmg-smtp-filter[1034157]: 240CA8667D49514FB33: new mail message-id=<003501dac89c$02ab833e$b9aa7390$@email.com>#012
2024-06-27T13:13:21.432182+02:00 pmg postfix/smtpd[1034154]: disconnect from unknown[5.29.32.109] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
2024-06-27T13:13:42.473311+02:00 pmg pmg-smtp-filter[1034157]: 240CA8667D49514FB33: SA score=11/5 time=21.089 bayes=0.00 autolearn=no autolearn_force=no hits=BAYES_00(-1.9),BITCOIN_SPAM_07(1.612),BITCOIN_TOEQFM(1.846),DMARC_MISSING(0.1),DOS_OUTLOOK_TO_MX(2.845),FUZZY_BITCOIN(1),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),KAM_LAZY_DOMAIN_SECURITY(1),NO_FM_NAME_IP_HOSTN(0.001),OBFU_BITCOIN(1),PDS_BAD_THREAD_QP_64(0.999),PDS_BTC_ID(0.001),RATWARE_NO_RDNS(2.686),RDNS_NONE(0.793),SPF_NONE(0.001),TO_EQ_FM_DIRECT_MX(0.001)
2024-06-27T13:13:42.474640+02:00 pmg pmg-smtp-filter[1034157]: 240CA8667D49514FB33: sender in user (my@email.com) welcomelist
2024-06-27T13:13:42.477645+02:00 pmg postfix/smtpd[1034185]: connect from localhost.localdomain[127.0.0.1]
2024-06-27T13:13:42.479554+02:00 pmg postfix/smtpd[1034185]: 75090240C92: client=localhost.localdomain[127.0.0.1], orig_client=unknown[5.29.32.109]
2024-06-27T13:13:42.522854+02:00 pmg postfix/cleanup[1033994]: 75090240C92: message-id=<003501dac89c$02ab833e$b9aa7390$@email.com>
2024-06-27T13:13:42.523887+02:00 pmg postfix/qmgr[881223]: 75090240C92: from=<my@email.com>, size=13041, nrcpt=1 (queue active)
2024-06-27T13:13:42.524048+02:00 pmg pmg-smtp-filter[1034157]: 240CA8667D49514FB33: accept mail to <my@email.com> (75090240C92) (rule: default-accept)
2024-06-27T13:13:42.524264+02:00 pmg postfix/smtpd[1034185]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
2024-06-27T13:13:42.526012+02:00 pmg pmg-smtp-filter[1034157]: 240CA8667D49514FB33: processing time: 21.197 seconds (21.089, 0.044, 0)
2024-06-27T13:13:42.526387+02:00 pmg postfix/lmtp[1033977]: E3140240CA1: to=<my@email.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=22, delays=0.69/0/0.04/21, dsn=2.5.0, status=sent (250 2.5.0 OK (240CA8667D49514FB33))
2024-06-27T13:13:42.526913+02:00 pmg postfix/qmgr[881223]: E3140240CA1: removed
2024-06-27T13:13:42.531277+02:00 pmg postfix/smtp[1034186]: Untrusted TLS connection established to 192.168.1.111[192.168.1.111]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
2024-06-27T13:13:45.863648+02:00 pmg postfix/smtp[1034186]: 75090240C92: to=<my@email.com>, relay=192.168.1.111[192.168.1.111]:25, delay=3.4, delays=0.04/0/0.05/3.3, dsn=2.6.0, status=sent (250 2.6.0 <003501dac89c$02ab833e$b9aa7390$@email.com> [InternalId=383579234238561, Hostname=ex01.mydomain.local] Queued mail for delivery)
2024-06-27T13:13:45.864338+02:00 pmg postfix/qmgr[881223]: 75090240C92: removed
 
SA score=11/5
This mail has a SpamAssassin score of 11 - which is really high - I would recommend adding a rule, which simply blocks or quarantines mails above a certain threshold (the cutoff score depends on the mails you want to receive - but I'd consider everything scoring 6 or above quite high)

sender in user (my@email.com) welcomelist
If a user adds your mail to their user welcomelist, then spam scoring will not catch it, though - this is the reason why you should not add too many addresses to your user-lists.
 
If a user adds your mail to their user welcomelist, then spam scoring will not catch it, though - this is the reason why you should not add too many addresses to your user-lists.

About "welcomelist", as you see this is my own address, users were added from LDAP, so I'm not sure what you mean by saying not to add too many addresses to my user-lists.
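The two log lines discussed in this thread (a high "SA score=" followed by "sender in user (...) welcomelist" and an "accept mail to") can be searched for across a whole mail log. The following is an added example, not part of the original posts and not Proxmox code: it groups pmg-smtp-filter lines by message ID and reports accepted mails that scored at or above a threshold while also matching a user welcomelist. The function name, the sample IDs and the example.com addresses are assumptions made for the example; the default threshold of 6 is the value suggested in the reply.

```python
import re
from collections import defaultdict

# Constructed sample in the pmg-smtp-filter line format shown in the log above
# (message IDs and addresses are made up for this example).
SAMPLE_LOG = """\
2024-06-27T13:13:42.473311+02:00 pmg pmg-smtp-filter[1034157]: A0000000000000000001: SA score=11/5 time=21.089 bayes=0.00 autolearn=no hits=RATWARE_NO_RDNS(2.686),SPF_NONE(0.001)
2024-06-27T13:13:42.474640+02:00 pmg pmg-smtp-filter[1034157]: A0000000000000000001: sender in user (user@example.com) welcomelist
2024-06-27T13:13:42.524048+02:00 pmg pmg-smtp-filter[1034157]: A0000000000000000001: accept mail to <user@example.com> (75090240C92) (rule: default-accept)
2024-06-27T13:20:01.000000+02:00 pmg pmg-smtp-filter[1034157]: B0000000000000000002: SA score=1/5 time=2.100 bayes=0.00 autolearn=no hits=HTML_MESSAGE(0.001)
2024-06-27T13:20:01.100000+02:00 pmg pmg-smtp-filter[1034157]: B0000000000000000002: accept mail to <user@example.com> (75090240C93) (rule: default-accept)
2024-06-27T13:30:05.000000+02:00 pmg pmg-smtp-filter[1034157]: C0000000000000000003: SA score=2/5 time=1.900 bayes=0.00 autolearn=no hits=HTML_MESSAGE(0.001)
2024-06-27T13:30:05.050000+02:00 pmg pmg-smtp-filter[1034157]: C0000000000000000003: sender in user (other@example.com) welcomelist
2024-06-27T13:30:05.100000+02:00 pmg pmg-smtp-filter[1034157]: C0000000000000000003: accept mail to <other@example.com> (75090240C94) (rule: default-accept)
"""

LINE = re.compile(r"pmg-smtp-filter\[\d+\]: (?P<id>[0-9A-F]+): (?P<msg>.*)")
SCORE = re.compile(r"SA score=(?P<score>-?\d+)/(?P<required>\d+)")
WELCOME = re.compile(r"sender in user \((?P<user>[^)]+)\) welcomelist")
ACCEPT = re.compile(r"accept mail to <(?P<rcpt>[^>]+)>")


def find_welcomelist_bypasses(log_text, threshold=6):
    """Return accepted mails with SA score >= threshold that hit a user welcomelist."""
    mails = defaultdict(dict)  # one record per pmg-smtp-filter message ID
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # postfix and other daemons' lines are ignored
        rec, msg = mails[m["id"]], m["msg"]
        if (s := SCORE.search(msg)):
            rec["score"] = int(s["score"])
        elif (w := WELCOME.search(msg)):
            rec["welcomelist_user"] = w["user"]
        elif (a := ACCEPT.search(msg)):
            rec.setdefault("accepted_for", []).append(a["rcpt"])
    return [
        {"id": mail_id, **rec}
        for mail_id, rec in mails.items()
        if rec.get("score", 0) >= threshold
        and "welcomelist_user" in rec and rec.get("accepted_for")
    ]


if __name__ == "__main__":
    for finding in find_welcomelist_bypasses(SAMPLE_LOG):
        print(finding)
```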
 