Is it a VPS on Linode/DigitalOcean/Amazon AWS/...? usually VPS vendor offers another layer of firewall, you need to make sure it doesn't block these network ports.
I don't believe so. I flushed my iptables record. Everything else is from a clean install of the script.
Just try to connect to port 25/587/... from another EXTERNAL server.
1: Is server with IP address "10.8.0.154" running?
2: Again, check /etc/dovecot/dovecot.conf, make sure LMTP service is listening on 0.0.0.0, so that server A/B can connect and deliver emails to each other.
1. Yes
2. okey let me check (is this need to on both mail server?
Is it wise to send 5 000 mails in 1 row ?
or 20 000 in 1 batch
I can do it, and i will see what the affects are ... but i would like to prepare myself.. (that is the reason i ask this question)
Are there base rules to avoid that my mailserver is blacklisted. etc.
inet_listener lmtp {
# Listen on localhost (ipv4)
#address = 127.0.0.1
address = 0.0.0.0
port = 24
}
set on both /etc/dovecot/dovecot.conf
have restart the dovecot service by systemctl restart dovecot
but still mail 1 could not send to mail 2
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: debian 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):MySQL
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi,
as you know some time email account was stolen and used for send spam. So we have setup a limit of 24 emails per day via iredapd and throttle plugins. All works fine but today we have find a spammers that was able to bypass limit and send more than 5000 emails in few hours. Here the logs:
From Postfix SMTP Auth:
Dec 6 02:14:59 smtp postfix/smtps/smtpd[26965]: 439HhM4mx1z4xGP: client=ec2-54-232-242-3.sa-east-1.compute.amazonaws.com[54.232.242.3], sasl_method=LOGIN, sasl_username=serve@ammsegurancas35.net
Dec 6 02:15:00 smtp postfix/cleanup[9137]: 439HhM4mx1z4xGP: warning: header Subject: |-Central de Aviso. PROTOCOLO: 03252358/9663-65 from ec2-54-232-242-3.sa-east-1.compute.amazonaws.com[54.232.242.3]; from=<#central.bb.4873@ammsegurancas35.net> to=<adrianolfreitas@hotmail.com> proto=ESMTP helo=<WIN-QUJ6M3E7EJ1>
Dec 6 02:15:00 smtp postfix/cleanup[9137]: 439HhM4mx1z4xGP: message-id=<065420181214013086422E4B$359FD7304D@WINQUJMEEJ>
Dec 6 02:15:03 smtp opendkim[700]: 439HhM4mx1z4xGP: DKIM-Signature field added (s=qbm1812058745, d=ammsegurancas35.net)
Dec 6 02:15:03 smtp postfix/qmgr[5870]: 439HhM4mx1z4xGP: from=<#central.bb.4873@ammsegurancas35.net>, size=534647, nrcpt=1 (queue active)
Dec 6 02:15:06 smtp postfix/smtp[26978]: 439HhM4mx1z4xGP: to=<adrianolfreitas@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.33.33]:25, delay=8.3, delays=5.3/0/0.71/2.3, dsn=2.6.0, status=sent (250 2.6.0 <065420181214013086422E4B$359FD7304D@WINQUJMEEJ> [InternalId=26959509736995, Hostname=BN3NAM01HT089.eop-nam01.prod.protection.outlook.com] 541638 bytes in 1.038, 509.165 KB/sec Queued mail for delivery -> 250 2.1.5)
Dec 6 02:15:06 smtp postfix/qmgr[5870]: 439HhM4mx1z4xGP: removed
From Iredapd logs:
2018-12-06 02:14:59 INFO 54.232.242.3 RCPT, serve@ammsegurancas35.net => #central.bb.4873@ammsegurancas35.net -> adrianolfreitas@hotmail.com, REJECT Quota exceeded (number of mails in total) [0.0036s]
2018-12-06 02:15:04 INFO 54.232.242.3 END-OF-MESSAGE, serve@ammsegurancas35.net => #central.bb.4873@ammsegurancas35.net -> adrianolfreitas@hotmail.com, DUNNO [0.9702s]
Iredapd understand that the limit for account has been exceeded, but Postfix not reject/deny the users.
How is possibile? Could be because the spammers open an SMTP session and use always the same for sent all emails?
Our Iredapd version is 2.0.
Thanks
Zhang Thanks for replying. Actually there was nothing in apache log. ( /var/log/apache) All files were empty. Unfortunately, I have reinstalled Ubuntu.
But real problem i am facing is that this is my ip 192.99.70.219. after installing iredmail into it the url is 192.99.70.219/iredadmin.
I want to point my domain to this ip. e.g my domain is example.com
I want to point mail.example.com that points to 192.99.70.219/sogo . Can you please help me with that?
https://docs.iredmail.org/setup.dns.html
I have read your documentation but unable to achieve that
Also can i point my orginal domain to ip and alias as above
Thanks
Solved!
Fix: I had in virtual host in nginx rewrited all access to the mail webpage to https://www... postfix and sogo probably looked for the server hostname, which was not www.XXXX
here is the dovecot sieve log for an email that never showed up under the schedule user account, and the dovecot log doesn't have anything for this user at that timestamp.
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Loading modules from directory: /usr/lib64/dovecot
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Module loaded: /usr/lib64/dovecot/lib01_acl_plugin.so
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Module loaded: /usr/lib64/dovecot/lib20_mailbox_alias_plugin.so
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Module loaded: /usr/lib64/dovecot/lib90_sieve_plugin.so
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: auth USER input: schedule@xxxxxx.xxx home=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18/ quota_rule=*:bytes=10485760000
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Added userdb setting: plugin/quota_rule=*:bytes=10485760000
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Effective uid=2000, gid=2000, home=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18/
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota root: name=user backend=dict args=:proxy::quotadict
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota rule: root=user mailbox=* bytes=10485760000 messages=0
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=10485760000 (100%) messages=0 reverse=no command=quota-warning 100 schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=9961472000 (95%) messages=0 reverse=no command=quota-warning 95 schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=9437184000 (90%) messages=0 reverse=no command=quota-warning 90 schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=8912896000 (85%) messages=0 reverse=no command=quota-warning 85 schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota grace: root=user bytes=1048576000 (10%)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: dict quota: user=schedule@xxxxxx.xxx, uri=proxy::quotadict, noenforcing=0
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//Maildir/:INDEX=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//Maildir/
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: maildir++: root=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//Maildir, index=, indexpvt=, control=, inbox=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//Maildir, alt=
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: initializing backend with data: vfile
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: acl username = schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: owner = 1
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl vfile: Global ACLs disabled
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/Shared/%u
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: initializing backend with data: vfile
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: acl username = schedule@xxxxxx.xxx
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl: owner = 0
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: acl vfile: Global ACLs disabled
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: quota: quota_over_flag check: quota_over_script unset - skipping
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota root: name=user backend=dict args=:proxy::quotadict
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota rule: root=user mailbox=* bytes=1073741824 messages=0
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=1073741824 (100%) messages=0 reverse=no command=quota-warning 100 raw mail user
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 raw mail user
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=966367641 (90%) messages=0 reverse=no command=quota-warning 90 raw mail user
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota warning: bytes=912680550 (85%) messages=0 reverse=no command=quota-warning 85 raw mail user
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Quota grace: root=user bytes=107374182 (10%)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: dict quota: user=raw mail user, uri=proxy::quotadict, noenforcing=0
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt=
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: quota: quota_over_flag check: quota_over_script unset - skipping
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Destination address: schedule@xxxxxx.xxx (source: user@hostname)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Pigeonhole version 0.4.20 (7cd71ba) initializing
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file storage: Storage path `/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//sieve' not found
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file storage: Failed to normalize active script directory (path=/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//sieve): Part of the path does not exist (yet)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file storage: Using Sieve script path: /var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//sieve/dovecot.sieve
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file storage: Storage path `/var/vmail/vmail1/xxxxxx.xxx/s/c/h/schedule-2018.11.08.15.33.18//sieve/dovecot.sieve' not found
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: storage: No default script location configured
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: User has no personal script
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file storage: Using Sieve script path: /var/vmail/sieve/dovecot.sieve
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: file script: Opened script `dovecot' from `/var/vmail/sieve/dovecot.sieve'
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Executed before user's personal Sieve script(1): /var/vmail/sieve/dovecot.sieve
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Mailbox stdin: Opened mail UID=1 because: header Message-ID (Cache file is unusable)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Opening script 1 of 1 from `/var/vmail/sieve/dovecot.sieve'
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Loading script /var/vmail/sieve/dovecot.sieve
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Script binary /var/vmail/sieve/dovecot.svbin successfully loaded
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: binary save: not saving binary /var/vmail/sieve/dovecot.svbin, because it is already stored
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: sieve: Executing script from `/var/vmail/sieve/dovecot.svbin'
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Mailbox stdin: Opened mail UID=1 because: header X-Spam-Flag (Cache file is unusable)
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: INBOX: Mailbox opened because: lib-lda delivery
Dec 03 13:06:09 lda(schedule@xxxxxx.xxx): Debug: Mailbox stdin: Opened mail UID=1 because: copyingthe mail log below shows it come in, in which the email was to both schedule and Lorenzo, but only Lorenzo received the email and the email cannot be found on the server at all.
Dec 3 13:06:07 mx postfix/smtpd[8997]: connect from mail-eopbgr1390138.outbound.protection.outlook.com[40.107.139.138]
Dec 3 13:06:08 mx postfix/smtpd[8997]: A83A08161045: client=mail-eopbgr1390138.outbound.protection.outlook.com[40.107.139.138]
Dec 3 13:06:09 mx postfix/cleanup[9017]: A83A08161045: message-id=<3A3359C5-068C-45CF-8173-8328106D37D8@xxxxxx.xxx>
Dec 3 13:06:09 mx postfix/qmgr[27333]: A83A08161045: from=<richard@xxxxxx.xxx>, size=5863, nrcpt=2 (queue active)
Dec 3 13:06:09 mx clamd[1767]: SelfCheck: Database status OK.
Dec 3 13:06:09 mx postfix/smtpd[8997]: disconnect from mail-eopbgr1390138.outbound.protection.outlook.com[40.107.139.138]
Dec 3 13:06:09 mx postfix/smtpd[9028]: connect from mx.diamondplumbingtexas.com[127.0.0.1]
Dec 3 13:06:09 mx postfix/smtpd[9028]: 9DCB28171891: client=mx.diamondplumbingtexas.com[127.0.0.1]
Dec 3 13:06:09 mx postfix/cleanup[9017]: 9DCB28171891: message-id=<3A3359C5-068C-45CF-8173-8328106D37D8@xxxxxx.xxx>
Dec 3 13:06:09 mx postfix/qmgr[27333]: 9DCB28171891: from=<richard@xxxxxx.xxx>, size=6634, nrcpt=2 (queue active)
Dec 3 13:06:09 mx postfix/smtpd[9028]: disconnect from mx.diamondplumbingtexas.com[127.0.0.1]
Dec 3 13:06:09 mx amavis[1192]: (01192-18) Passed CLEAN {RelayedInbound}, [40.107.139.138]:6126 [40.107.139.138] <richard@xxxxxx.xxx> -> <lorenzo@xxxxxx.xxx>,<schedule@xxxxxx.xxx>, Queue-ID: A83A08161045, Message-ID: <3A3359C5-068C-45CF-8173-8328106D37D8@xxxxxx.xxx>, mail_id: KmDf5hoBfiFE, Hits: -, size: 5856, queued_as: 9DCB28171891, dkim_sd=selector1-xxxxxxx-com:xxxxxxxxxx.onmicrosoft.com, 363 ms
Dec 3 13:06:09 mx postfix/smtp[9025]: A83A08161045: to=<lorenzo@xxxxxx.xxx>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.72/0.01/0/0.38, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9DCB28171891)
Dec 3 13:06:09 mx postfix/smtp[9025]: A83A08161045: to=<schedule@xxxxxx.xxx>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.72/0.01/0/0.38, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9DCB28171891)
Dec 3 13:06:09 mx postfix/qmgr[27333]: A83A08161045: removed
Dec 3 13:06:09 mx postfix/pipe[9030]: 9DCB28171891: to=<schedule@xxxxxx.xxx>, relay=dovecot, delay=0.33, delays=0.03/0.02/0/0.28, dsn=2.0.0, status=sent (delivered via dovecot service)
Dec 3 13:06:10 mx postfix/pipe[9029]: 9DCB28171891: to=<lorenzo@xxxxxx.xxx>, relay=dovecot, delay=0.36, delays=0.03/0.01/0/0.32, dsn=2.0.0, status=sent (delivered via dovecot service)
Dec 3 13:06:10 mx postfix/qmgr[27333]: 9DCB28171891: removedIt think Amavisd still logs detailed log as you wish, but your "grep" got wrong log lines. I suggest double check, for example, run command "less /var/log/maillog", then search "amavis".
I can guarantee those log entries are not happening. I have tried setting the log_level from 0 to 5 in amavisd.conf, and there is no difference in the log output no matter what I set the log_level. I am linux system administrator, and I know how to tail, less and grep. I am not seeing those entries in the log. As I said, they were there a couple of week ago, and now they are not.
Did you try this throttle setting for external domain/sender/ip?
https://bitbucket.org/zhb/iredapd/src/7 … #lines-128jstewart wrote:Update - it seems that neither inbound nor outbound throttling is working. The database table throttle_tracking is being updated with the cur_msgs incrementing properly the tid appears correct, but it seems that the system isn't reading the settings from the throttle table. My test account is set to throttle at 3 messages outbound and 4 messages inbound, but I send as many emails from the account as I want, and all inbound mail is arriving as well.
Try to turn on debug mode in iRedAPD, it logs more detailed message for troubleshooting.
FYI: https://docs.iredmail.org/debug.iredapd.html
This user is throttled to max 3 outbound per day. I send 5, and they all went through
2018-12-06 08:32:16 DEBUG smtp session: request=smtpd_access_policy
2018-12-06 08:32:16 DEBUG smtp session: protocol_state=END-OF-MESSAGE
2018-12-06 08:32:16 DEBUG smtp session: protocol_name=ESMTP
2018-12-06 08:32:16 DEBUG smtp session: client_address=127.0.0.1
2018-12-06 08:32:16 DEBUG smtp session: client_name=localhost
2018-12-06 08:32:16 DEBUG smtp session: reverse_client_name=localhost
2018-12-06 08:32:16 DEBUG smtp session: helo_name=_
2018-12-06 08:32:16 DEBUG smtp session: sender=sender@mydomain.com
2018-12-06 08:32:16 DEBUG smtp session: recipient=receiver@gmail.com
2018-12-06 08:32:16 DEBUG smtp session: recipient_count=1
2018-12-06 08:32:16 DEBUG smtp session: queue_id=4DC8F42C74C3
2018-12-06 08:32:16 DEBUG smtp session: instance=1526.5c0924e0.4d90e.0
2018-12-06 08:32:16 DEBUG smtp session: size=375
2018-12-06 08:32:16 DEBUG smtp session: etrn_domain=
2018-12-06 08:32:16 DEBUG smtp session: stress=
2018-12-06 08:32:16 DEBUG smtp session: sasl_method=LOGIN
2018-12-06 08:32:16 DEBUG smtp session: sasl_username=sender@mydomain.com
2018-12-06 08:32:16 DEBUG smtp session: sasl_sender=
2018-12-06 08:32:16 DEBUG smtp session: ccert_subject=
2018-12-06 08:32:16 DEBUG smtp session: ccert_issuer=
2018-12-06 08:32:16 DEBUG smtp session: ccert_fingerprint=
2018-12-06 08:32:16 DEBUG smtp session: ccert_pubkey_fingerprint=
2018-12-06 08:32:16 DEBUG smtp session: encryption_protocol=TLSv1
2018-12-06 08:32:16 DEBUG smtp session: encryption_cipher=ECDHE-RSA-AES256-SHA
2018-12-06 08:32:16 DEBUG smtp session: encryption_keysize=256
2018-12-06 08:32:16 DEBUG LDAP connection initialied success.
2018-12-06 08:32:16 DEBUG LDAP bind success.
2018-12-06 08:32:16 DEBUG Skip plugin: reject_null_sender (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: wblist_rdns (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: greylisting (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG --> Apply plugin: throttle
2018-12-06 08:32:16 DEBUG Found sasl_username, consider this sender as an internal sender.
2018-12-06 08:32:16 DEBUG Check sender throttling.
2018-12-06 08:32:16 DEBUG [LDAP] query target domain of given alias domain (cyg.net).
2018-12-06 08:32:16 DEBUG [LDAP] query filter: ((&(objectClass=mailDomain)(accountStatus=active)(domainAliasName=cyg.net)))
2018-12-06 08:32:16 DEBUG result: []
2018-12-06 08:32:16 DEBUG [SQL] Query throttle setting:
2018-12-06 08:32:16 DEBUG [SQL] Query result:
2018-12-06 08:32:16 DEBUG sender throttle setting: msg_size=0 (bytes)/id=9/account=sender@mydomain.com; max_msgs=3/id=9/account=sender@mydomain.com; max_quota=0 (bytes)/id=9/account=sender@mydomain.com;
2018-12-06 08:32:16 DEBUG [SQL] Query throttle tracking data:
2018-12-06 08:32:16 DEBUG [SQL] Query result:
2018-12-06 08:32:16 DEBUG Tracking IDs: {(9L, 'sender@mydomain.com'): 256284L}
2018-12-06 08:32:16 INFO [127.0.0.1] sender throttle, sender@mydomain.com -> msg_size (375/0, period: 86400 seconds, time left: 23 hours, 59 minutes, 14 seconds)
2018-12-06 08:32:16 INFO [127.0.0.1] sender throttle, sender@mydomain.com -> max_quota (1125/0, period: 86400 seconds, time left: 23 hours, 59 minutes, 14 seconds)
2018-12-06 08:32:16 DEBUG [SQL] Update tracking record(s):
2018-12-06 08:32:16 DEBUG [OK] Passed all sender throttle settings.
2018-12-06 08:32:16 DEBUG Bypass recipient throttling (found sasl_username).
2018-12-06 08:32:16 DEBUG <-- Result: DUNNO
2018-12-06 08:32:16 DEBUG Skip plugin: ldap_maillist_access_policy (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: amavisd_wblist (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Session ended.
2018-12-06 08:32:16 INFO [127.0.0.1] END-OF-MESSAGE, sender@mydomain.com => receiver@gmail.com, DUNNO [recipient_count=1, size=375, process_time=0.0084s]
2018-12-06 08:32:16 DEBUG Close LDAP connection.
Why would it be skipping these:
2018-12-06 08:32:16 DEBUG Skip plugin: reject_null_sender (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: wblist_rdns (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: greylisting (protocol_state != END-OF-MESSAGE)
They are enabled in settings.py, and files are in the plugins folder
martin.rott wrote:here you have the problematic part:
The logic is: If you host domain "example.com" on iRedMail server, then you remove it, all address *@example.com become invalid/dead. So we need to remove them also.
The problem of the logic of your suggestion is: if we remove domain but still keep the destination forwarding addresses, many addresses are invalid/dead, if you don't activate mail service for this remove domain somewhere again, emails sent to them will be always bounced/rejected.
Sorry Zhang but I have to strongly disagree here - there's no logic about deleting forwardings belonging under different domain than I am deleting. That those mails will be bounced (if the domain/mailbox/whatever isn't created elsewhere) is the correct solution (so the administrator will get a hint about forgotten forwarding in different domain that is not working).
I found this out after few days when these forwardings weren't working without any notification from Iredmail or anything, because it just silently stopped forwarding. Situations when this can happen are a bunch, for example mailserver migration, DNS switching..
Just imagine you have one Iredmail with two domains and you are moving one of those domains to another Iredmail server(both domains are variously forwarding emails between each other - pretty usual situation)..
Et cetera et cetera..
Regards,
Martin Rott
I follow the guide
1- Sender dependent relay host
and
2 -Manage with command line tools
sql> USE vmail; sql> INSERT INTO sender_relayhost (account, relayhost) VALUES ('user@domain.com', '[mail.gmail.com]:25'); when i send mail from user@gmail.com from sendmail to myuser@myserver.com i recibe this
Received: from mail.mydomain.com (localhost [127.0.0.1])
by mail.mydomain.com (Postfix) with ESMTP id A44746548B
for <myuser@myserver.com>; Thu, 6 Dec 2018 11:14:23 -0300 (-03)
X-Virus-Scanned: Debian amavisd-new at mail.mydomain.comPlz help i m stack here!
EDIT: to the primary question in this thread, I see there almost similar pattern in user SQL library - the SQL queries are totally unaware of the mail domain under which the user belongs, couldn't be this the root cause?
The logic is slightly different than removing a domain, you just remove one user, but the domain is still hosted on your server. So we should remove this user from forwarding destination. isn't it?
I absolutely love Iredmail, we bought Iredadmin-Pro and are looking forward for buying support just to keep at least some funding for this excellent opensource project, just trying to convince you that this is potentially really dangerous.
Thank you very much. 
Why would it be skipping these:
2018-12-06 08:32:16 DEBUG Skip plugin: reject_null_sender (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: wblist_rdns (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2018-12-06 08:32:16 DEBUG Skip plugin: greylisting (protocol_state != END-OF-MESSAGE)
Postfix will send info to iRedAPD TWICE for EACH email, with protocol_state == RCPT and END-OF-MESSAGE.
These skipped plugins are applied in RCPT state, and you didn't copy its log from iRedAPD log file.
Throttling for max messages is applied in RCPT, please check iRedAPD log again, copy them here for troubleshooting.
OK, here's a quick solution: add line below in Amavisd config file (better at the bottom of config file to avoid unexpected overwritten), then restart amavisd service:
$log_templ = $log_verbose_templ;- Do these 2 users have personal filter rules with forwarding / redirect rules configured with Roundcube/SOGo?
- What's the log in /var/log/dovecot/lda.log?
- What's the content in /var/vmail/sieve/dovecot.sieve?
I want to point mail.example.com that points to 192.99.70.219/sogo
You need to add a new virtual web host in Nginx, and set its server name (in nginx config) to mail.example.com.
You can simply copy /etc/nginx/sites-available/00-default-ssl.conf directly, then replace server name, also remove the "include /etc/nginx/templates/..." lines that you DO NOT WANT (keep the ones you need).
After that, create a symbol link of /etc/nginx/sites-available/<your-new-file>.conf to /etc/nginx/sites-enabled/, restart Nginx service.
I suggest check some Nginx tutorials to understand how to add new virtual host. it's not hard at all, just need some practice.
Unfortunately, iRedAPD-2.0 has a bug that it doesn't treat address leading with '#' (e.g. '#user@domain.com') as a valid email address, so it's bypassed.
iRedAPD-2.1 (and later releases) fixed this issue. So please upgrade.
==== UPDATE ====
Here's patch for iRedAPD-2.0 to fix it if you don't want to upgrade right now:
https://bitbucket.org/zhb/iredapd/commi … bdbb4f5b01
把这个客户换掉。。。(kidding)
这种行为模式和 spammer 无异,通常就是被挡掉的。为何他要这样做?
我也是第一次遇到這種客人,我想他應該是透過微軟的託管郵箱發送的,感謝你
Check the document root of your web host. make sure the "index.html" or "index.php" doesn't redirect to another URL.
An update on this issue
====================
The solution to my case is here: https://www.thesudoer.com/?p=264
Also, I tried both HAProxy and Nginx for reverse proxy. Both worked just fine with iRedMail 0.9.8.
