Sending mail problem

[whitelinux]

Hello,

I am dealing with the network side of a hosting company and there are 3 /24 ip classes, 2 of these 3 classes are completely blocked in outlook style places (Normal Blacklist is available but not on spam). I install the Proxmox Mail Gateway structure on a single ip address and extract all 25,26,465,2525 mail ports over an ip over Mikrotik. If there is a separate filter on the Mikrotik side as spam, the threads detected as spam mail are directed to a different proxmo mail gateway server and rejected directly there. My problem is exactly that I saw that some threads spam mail guinea can go to these outlook-style places, and neither the ip address of the sending mail nor the sender mail address appear. How can I solve this?

 

[Stoiko Ivanov]

I don't quite understand the setup - or the problems you're describing - please provide some logs of PMG and show where the problem is using the logs

Thanks!

 

[whitelinux]

My problem is exactly
I have set https://prnt.sc/C5Unld7xwnlq to block such obscure senders in the options section, but it does not block it, so it is exempt from the spam filter I have made.
options : https://prnt.sc/6cqKQ5oBMrqa
Versions:

 

[whitelinux]

Aug 24 23:34:58 mailgateway postfix/smtpd[44914]: warning: key at index 1 in /etc/pmg/pmg-tls.pem does not match next certificate
Aug 24 23:34:58 mailgateway postfix/smtpd[44914]: warning: TLS library problem: error:1426D120:SSL routines:ssl_set_cert_and_key:private key mismatch:../ssl/ssl_rsa.c:1068:
Aug 24 23:34:58 mailgateway postfix/smtpd[44914]: warning: error loading private keys and certificates from: /etc/pmg/pmg-tls.pem: disabling TLS support
Aug 24 23:34:58 mailgateway postfix/smtpd[44914]: warning: hostname server.poyrazhosting.com.tr does not resolve to address 213.238.180.36: Name or service not known
Aug 24 23:34:58 mailgateway postfix/smtpd[44914]: connect from unknown[213.238.180.36]
Aug 24 23:34:59 mailgateway postfix/smtpd[44914]: 007C33A11D9: client=unknown[213.238.180.36]
Aug 24 23:34:59 mailgateway postfix/cleanup[44917]: 007C33A11D9: message-id=<E1oQx5U-0000rv-37@2-59-117-133.cprapid.com>
Aug 24 23:34:59 mailgateway postfix/smtpd[44914]: disconnect from unknown[213.238.180.36] ehlo=1 starttls=0/1 mail=1 rcpt=1 data=1 quit=1 commands=5/6
Aug 24 23:34:59 mailgateway postfix/qmgr[22056]: 007C33A11D9: from=<>, size=7054, nrcpt=1 (queue active)
Aug 24 23:34:59 mailgateway pmg-smtp-filter[38861]: 3A11DF63068B730B2D8: new mail message-id=<E1oQx5U-0000rv-37@2-59-117-133.cprapid.com>#012
Aug 24 23:35:01 mailgateway pmg-smtp-filter[38861]: 3A11DF63068B730B2D8: SA score=0/5 time=2.122 bayes=undefined autolearn=ham autolearn_force=no hits=ANY_BOUNCE_MESSAGE(3),AWL(-0.981),BOUNCE_MESSAGE(0.1),KAM_DMARC_STATUS(0.01),POISEN_SPAM_PILL(0.1),POISEN_SPAM_PILL_1(0.1),POISEN_SPAM_PILL_3(0.1),RCVD_IN_DNSWL_HI(-5),RDNS_NONE(1.274),SPF_HELO_NONE(0.001),TVD_RCVD_IP(0.001),T_SCC_BODY_TEXT_LINE(-0.01),URIBL_BLOCKED(0.001)
Aug 24 23:35:01 mailgateway postfix/smtpd[44951]: connect from localhost.localdomain[127.0.0.1]
Aug 24 23:35:01 mailgateway postfix/smtpd[44951]: 445BF3A11E0: client=localhost.localdomain[127.0.0.1], orig_client=unknown[213.238.180.36]
Aug 24 23:35:01 mailgateway postfix/cleanup[44917]: 445BF3A11E0: message-id=<E1oQx5U-0000rv-37@2-59-117-133.cprapid.com>
Aug 24 23:35:01 mailgateway postfix/qmgr[22056]: 445BF3A11E0: from=<>, size=7307, nrcpt=1 (queue active)
Aug 24 23:35:01 mailgateway postfix/smtpd[44951]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Aug 24 23:35:01 mailgateway pmg-smtp-filter[38861]: 3A11DF63068B730B2D8: accept mail to <n0228c2fcce-31bc591069f644e5-kgfbv===berfiaz.tk@bounce.twitter.com> (445BF3A11E0) (rule: default-accept)
Aug 24 23:35:01 mailgateway pmg-smtp-filter[38861]: 3A11DF63068B730B2D8: processing time: 2.293 seconds (2.122, 0.056, 0)
Aug 24 23:35:01 mailgateway postfix/lmtp[44918]: 007C33A11D9: to=<n0228c2fcce-31bc591069f644e5-kgfbv===berfiaz.tk@bounce.twitter.com>, relay=127.0.0.1[127.0.0.1]:10023, delay=2.4, delays=0.02/0.03/0/2.3, dsn=2.5.0, status=sent (250 2.5.0 OK (3A11DF63068B730B2D8))
Aug 24 23:35:01 mailgateway postfix/qmgr[22056]: 007C33A11D9: removed
Aug 24 23:35:02 mailgateway postfix/smtp[44952]: Trusted TLS connection established to mx3.twitter.com[199.59.148.207]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Aug 24 23:35:03 mailgateway postfix/smtp[44952]: 445BF3A11E0: to=<n0228c2fcce-31bc591069f644e5-kgfbv===berfiaz.tk@bounce.twitter.com>, relay=mx3.twitter.com[199.59.148.207]:25, delay=2.3, delays=0.06/0.03/1.5/0.63, dsn=2.0.0, status=sent (250 2.0.0 OK 17/7C-04102-77B86036)
Aug 24 23:35:03 mailgateway postfix/qmgr[22056]: 445BF3A11E0: removed

 

[Stoiko Ivanov]

o block such obscure senders in the options section,

where did you enter the e-mail addresses to be blocked?

else - your setup has a few other problems:

warning: key at index 1 in /etc/pmg/pmg-tls.pem does not match next certificate

your tls certificate does not work - an intermediate certificate is missing or so

URIBL_BLOCKED(0.001)

the dns-server you're using for your PMG is over limit at uribl - this means you don't get answers from uribl, which means that the spam-detection rate won't be good.

see the getting started article in the pmg wiki:
https://pmg.proxmox.com/wiki/index.php/Getting_started_with_Proxmox_Mail_Gateway