My Proxmox Mail Gateway was blacklisted in CBL

nick

Hi all,

It's the second time this month that a Proxmox Mail Gateway is listed on CBL (http://cbl.abuseat.org/).

The server is behind a firewall... and I don't understand why it's listed! Does someone know more about CBL procedures?

I use the latest version of PMG (2.3) and it has been installed for 2 years (I think :confused:)

Thank you!
 
AFAIK, CBL is a spamtrap. So it is likely that someone inside your network is sending SPAM (virus, bot).

By default, PMG does not scan outgoing mails for SPAM, but you can turn that on in the rule system. It is best to create a new rule to filter or simply detect such messages.

Make sure that you block outgoing SMTP from all internal hosts. Only PMG should be allowed to send mail. You need to relay all mails to PMG, because it should be the only server allowed to send mail.

BTW, does the statistic page show some 'virus outbreaks'?

- Dietmar
 
All SMTP traffic is through Proxmox - all!

Other servers don't have outgoing access on TCP 25. All Windows PCs/servers are protected by an enterprise A/V - I eliminate the virus problem!

Now, I verified the HELO answer and it's OK! I verified the relay and it's OK!

I'm not sure what happened! Maybe someone can give me a tip!

The firewall uses SAT (not NAT)!
 
By default, PMG does not scan outgoing mails for SPAM, but you can turn that on in the rule system. It is best to create a new rule to filter or simply detect such messages.

I will also activate this rule!

Make sure that you block outgoing SMTP from all internal hosts. Only PMG should be allowed to send mail. You need to relay all mails to PMG, because it should be the only server allowed to send mail.


Yes, it's the only server with access to TCP 25 (IN/OUT)

BTW, does the statistic page show some 'virus outbreaks'?

- Dietmar

This year we received only 5 mails that contained a virus! And those were blocked!
 
I created special rules at the top of the firewall (hardware, not Linux) and there I allow only PMG and drop any other IP (from LAN or DMZ), but my problem is: how do I make the PVE servers relay through PMG? I need the reports from those servers...


Also, I activated this rule on PMG:

Notify Admin

Direction: Out


From: Anybody
To: Anybody
When: Always
What: Spam
Action: Block, Notify Admin, Quarantine
 
Yes, very true! I forgot that PVE uses Postfix! The changes are done and are working correctly!

Now let's see what happens!
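
One way to check the "only PMG sends mail" rule against what the firewall actually logged, and to see which internal hosts left under the listed public address after address translation (an added example, not part of the thread). The CSV log layout, all addresses and the function name are constructed assumptions; a real hardware firewall export needs its own column mapping.

```python
import csv
import io
import ipaddress

# Constructed sample export; the column layout is an assumption, not a real firewall format.
SAMPLE_LOG = """\
time,src_ip,translated_src,dst_ip,dst_port,action
2024-01-15T08:01:11,192.168.1.10,203.0.113.25,198.51.100.7,25,allow
2024-01-15T08:01:40,192.168.1.57,203.0.113.25,198.51.100.90,25,allow
2024-01-15T08:02:05,192.168.1.57,203.0.113.25,198.51.100.91,25,allow
2024-01-15T08:02:09,192.168.1.80,203.0.113.25,198.51.100.12,443,allow
2024-01-15T08:03:30,192.168.2.21,203.0.113.30,198.51.100.44,25,drop
2024-01-15T08:04:00,192.168.1.11,203.0.113.25,198.51.100.8,25,allow
"""


def rogue_smtp_sources(log_text, gateway_ips, listed_ip, smtp_ports=(25,)):
    """Count SMTP attempts per internal host that is not the mail gateway.

    allowed: connections the firewall let out; dropped: blocked attempts, which
    still point at a host trying to send mail directly; as_listed_ip: allowed
    connections translated to the blacklisted public address.
    """
    gateways = {ipaddress.ip_address(ip) for ip in gateway_ips}
    listed = ipaddress.ip_address(listed_ip)
    findings = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        if int(row["dst_port"]) not in smtp_ports:
            continue
        src = ipaddress.ip_address(row["src_ip"])
        if src in gateways:
            continue  # the gateway is the one host expected to speak SMTP outbound
        entry = findings.setdefault(
            str(src), {"allowed": 0, "dropped": 0, "as_listed_ip": 0})
        if row["action"] == "allow":
            entry["allowed"] += 1
            if ipaddress.ip_address(row["translated_src"]) == listed:
                entry["as_listed_ip"] += 1
        else:
            entry["dropped"] += 1
    return findings


if __name__ == "__main__":
    report = rogue_smtp_sources(SAMPLE_LOG, ["192.168.1.10"], "203.0.113.25")
    for host, counts in sorted(report.items()):
        print(host, counts)
```

Hosts with a non-zero `as_listed_ip` count are the ones whose mail a blocklist would attribute to the gateway's address; hosts with only `dropped` entries are blocked but still worth inspecting.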