I got a huge problem with IMAP/SMTP server. Some users get ip block from IMAP/SMTP server, webmail is working and websites working but IMAP/SMTP not working.
If user is changing IP then it connects again. Also tryed to whitelist problematic IP’s in firewall settings but no help.
I think this may be maximum IMAP/SMTP connection problem but i can’t find place when to configure this.
Anybody knows what is causing my problem?
This is one week ago installed server (got cpanel install before this).
Centos 7.7.1908
InterWorx-CP v6.4.1
Firewall: 1.7.5 (APF)
I finally found problem source…it’s MTA settings box: Realtime (SBL) Blacklists.
Problem started after i added zen.spamhaus.org, b.barracudacentral.org, dnsbl.sorbs.net and cbl.abuseat.org. If some user IP is listed in some list then SMTP server blocks this user connection.
It seems very weird practice, is it possible to disable this function or is it possible to add SBL’s only for incoming spam filter (can’t find any option in spam filter page)?
This is a big problem if server blocks user network IP because it’s listed in RBLS beacuse many users need to use e-mail in public aeroport’s networks and simillar. Without RBLS’s we get lot’s of spam ant this is also not acceptable.
Anyway i would like to try rbl’s in spammassassin but can’t find option to add global RBL’s in spam filter settings (in IW panel).
Seems like only option is ad those using CLI or there’s option in IW panel?
SORBS blacklisting is notoriously overzealous and the hassles of using their RBLs may out-weigh the benefits.
If you are seeing SMTP 451 errors relating to Spamhaus PBL or DNSBL lists, the client is blocked because it isn’t authenticating. In Nodeworx you might try SMTP-auth required with TLS optional instead of SMTP-auth over TLS. If that solves anything try switching back to SMTP-auth over TLS once clients are authenticating.
After i added SBL list’s manualy as preference got one small problem left…
Still get some spam like this:
Spam detection software, running on the system,
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear friends, Good day to you! We are the supplier for plastic
mold. I am sure our products will help for your business.
Just a quick post to make sure in nodeworx, system services, mail server, spam filtering you have SA options set to enabled and smtp spam score threshold set correctly
This I think is the SA part that should stop local mail delivery
Hello again,
Still getting spam messages like those before (Content analysis details: (24.1 points, 5.0 required)).
I looked those and they all are redirected messages.
No spam directly to john@john.com but if it’s sent to info@john.com and got directed to john@john.com mailbox then spammassassin wont delete those messages.
Any ideas how to force spammassassin to erase redirected spam messages to?