• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question block .local (invalid) emails (spam issue)

N

nrg

New Pleskian
My server is getting attacked with large amounts of incoming spam emails (thousands an hour!), which delays delivery of normal valid emails, and causes all sorts of issues.

All of these spam messages show the same invalid sender address in the Mail Queue: <[email protected]> (see below)

I added 3-it.local to the Black List at the Server-Wide Mail Settings page, but that won't stop these emails from coming in. Adding [email protected] to the Spam Filter Settings page (Black List tab) won't help either, while SpamAssassin is active.

Is this not working because of the invalid/unknown domain?

How can I stop this madness? I already removed these emails several times from the mail queue, but they keep coming in rapidly, see:
http://3.1m.yt/3D9z50G.jpg - mailqueue list
http://1.1m.yt/rOEhpO5.jpg - email header (notice that the IPs are different for all emails)


Any help is appreciated!

Plesk 12.0.18 update #85 on CentOS 6.6 (Final)
 
Hi nrg,

you don't provide informations about your used mail - server configuration, so that investigations could not be done. At the moment, we can only guess, that you may have some misconfiguration or non-standard settings, which allows "[email protected]" to send mails.
In addition you should be sure to disallow anonymous SASL connections and forbid unauthorized connections!

If you would further help, pls. consider to add your configuration files and add as well the COMPLETE part of the error - log ... not only one line!
 
hello,

You can block it from postfix rule in this way, add this into main.cf:

Code: 
echo "header_checks = regexp:/etc/postfix/header_checks" >> /etc/postfix/main.cf

create a file called "header_checks", and insert this line:

Code: 
/^From:(.*)[email protected](.*)/       REJECT

save this file, and do this command:

Code: 
postmap /etc/postfix/header_checks

after:

Code: 
service postfix reload

that's all!

i'm sorry for delay, but i'm enter in the forum today for the first time :)
 
You must log in or register to reply here.

Similar threads

G
Resolved Emails not being blocked by server wide mail settings/blacklist
Replies
4
Views
916
gregconway
G
propz
Resolved Email Domain Blacklisting not working 100%
Replies
7
Views
2K
Kaspar
K
C
Question Analysing Sender IP in Mail Headers
Replies
0
Views
503
Change Maker
C
P
Question Plesk Email Security Block list doesn't work
Replies
5
Views
1K
Kaspar
K
S
Issue Email deliverability issues
Replies
6
Views
1K
JVG
J
Back
Top