Outgoing mail filtering spam quarantine

Aug 14, 2023
Hello,

We are currently using SpamExperts as our solution for incoming + outgoing mail filtering.

We are now evaluating PMG in order to replace SpamExperts. I am specifically looking for some insights into handling outgoing spam filtering.
We have configured our VMs to send their e-mails through PMG. So: [VM] --> [PMG port 26] --> [Internet, i.e. gmail/outlook/etc...]

In PMG, I have configured a Mail Filter rule to allow outgoing mails from the VM, unless a certain spam score is hit. In that case, the mail is placed into quarantine.

Looking at the mail quarantine, I can only filter based on recipient, and search for the subject and sender. But in our case, what we want to see is all mails that are in the quarantine originating from the VM. So I would need to be able to search based on an IP-address or perhaps HELO from the original mail. This is because we have hundreds of VMs in a multi-tenancy situation and are looking to group the quarantined emails by tenant (the sending VM) instead of the recipient.
Is such a thing possible with PMG?

As an alternative I tested blocking the mail instead of placing it into quarantine, but this gives a permanent error (554). Logical, I suppose, but not wanted for our use-case.
Giving a permanent error is not wanted for us, since it means we can no longer release mails from quarantine. Ideally we would want to give a temporary error. This means the mail should stay in the mail queue on the VM, and it gives us the chance to either remove it from the queue (if it really is spam), or adjust PMG and adjust the filter if it is a false positive. Then the VM can re-try the mail delivery.

Would either of these 2 options be possible with PMG?

Cheers,
Niels
 
Multi tenancy never has been a focal point for PMG..... yet.
For this reason some of the features needed to operate a multi-tenant environment simply do not exist. As of the latest PMG, there is no way to search the quarantine other than by Email and Sender, as you know already. We tried to dig deep to find a way to do this manually, but in the end, the hassle just was not worth it. Deploying a separate instance for each tenant is one way to go, but it comes at the cost of increased subscription and management overhead for an MSP.

The other side of the coin: emails originating locally are usually considered safe. One common scenario in a multi-tenant environment is a compromised entity using the environment to send a massive number of spam emails, causing the MSP's IPs to get blacklisted by destination email providers such as MS, Google, etc. This is a headache for an MSP. PMG can shield against this by limiting email volume or, as in your case, with custom-configured rules.

The fact of the matter is, more controls are given in PMG for incoming emails than outgoing.
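
The per-tenant grouping asked about in this thread, as an added example that is not part of either post and not a PMG feature: it reads the topmost `Received` header (the one stamped by the gateway that accepted the mail from the VM) and buckets messages by client IP. It assumes the quarantined messages are available as raw RFC 5322 text and that the header is in Postfix style; the tenant map, host names and sample messages are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from email import message_from_string

# Postfix-style stamp "from <helo> (<rdns> [<ip>])"; IPv6 clients appear as [IPv6:...]
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\(\S+\s+\[(?:IPv6:)?(?P<ip>[0-9A-Fa-f:.]+)\]\)")

# Constructed tenant map (assumption): tenant name -> network its VMs send from
TENANTS = {
    "tenant-a": ipaddress.ip_network("10.20.1.0/24"),
    "tenant-b": ipaddress.ip_network("10.20.2.0/24"),
}

def sending_client(msg):
    """Return (helo, ip) from the topmost Received header, or None if absent/unparseable."""
    received = msg.get_all("Received") or []
    match = RECEIVED_RE.search(" ".join(received[0].split())) if received else None
    if not match:
        return None
    try:
        return match.group("helo"), ipaddress.ip_address(match.group("ip"))
    except ValueError:  # bracketed text that is not a valid address
        return None

def group_by_tenant(raw_messages):
    """Map tenant -> [(client ip, helo, subject)]; unmatched mail stays visible."""
    groups = defaultdict(list)
    for raw in raw_messages:
        msg = message_from_string(raw)
        client = sending_client(msg)
        if client is None:
            groups["unparsed"].append((None, None, msg["Subject"]))
            continue
        helo, ip = client
        tenant = next((t for t, net in TENANTS.items() if ip in net), "unknown")
        groups[tenant].append((str(ip), helo, msg["Subject"]))
    return dict(groups)

def _sample(helo, ip, subject):  # builds a constructed message, not real quarantine data
    return (f"Received: from {helo} (unknown [{ip}])\n\tby pmg.example (Postfix) with ESMTP;"
            f" Mon, 14 Aug 2023 10:00:00 +0200\nReceived: by {helo} (Postfix, from userid 33)\n"
            f"From: www@{helo}\nSubject: {subject}\n\nbody\n")

SAMPLES = [_sample("vm17.a.example", "10.20.1.17", "Invoice"),
           _sample("localhost", "10.20.2.5", "You won"),
           _sample("vm9.a.example", "10.20.1.9", "Reset"),
           "From: x@example\nSubject: No trace\n\nbody\n"]
```

The HELO name is supplied by the sending host and is only recorded for reference; the grouping keys on the IP the gateway itself observed.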
 
