• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

spammers blokcking my inbound smtp

E

EzequielF

New Pleskian
Good afternoon, I´m having some problems with the inbound smtp sockets, we are receiving a constant attack from spammers, and they are taking all the sockets we have open for our users. We have enable SPF, greylisting, inbound control access through autentication, relay access with autentication also. but after some weeks we are on the same situation yet. We have spam assasin also installed as power pack from plesk, and we have add DSN black list from b.barracudacentral.org, bl.mailspike.net and bl.spamcop.net but we still suffer from this problem.

We have also try to increase the socket assigned to 200 and after some minutes they used all again and the CPU change increase up to 25% of the total capacity.

Any idea about how to resolve it please?

thank you in advance.
 
Javier P. said:
I have the same problem and I solved using this software and add to MailEnable Firewall the ip without permission.

http://www.digitalruby.com/securing-your-windows-dedicated-server/
Click to expand...

Thank you for the link, but with this program I could Ban IP that tried to connect to Exchange SMTP, not mailenable SMTP, for the other option that you mentioned that it´s to manually include the IP to the mailenable blacklist it´s a crazy thing as we have more that 200 sockeckt used per second so that could be a infinite scroll list.

There is any other option or software to automatically do this work?

thank you in advance.
 
I show my configuracion in the attach files.

img1.JPGimg2.JPGimg3.JPGimg4.JPG

I know, but in past I have the same problem and whit last configuracion, the IPBAN software all go right in 72h.

Then restart the server and wait 24-48h and you can see the inbound will be less ilegal connections. Then you can block range of ip or specific ip , because all conecion will be a boot or spider to make a brute force to get an smtp for spam.



*) My block ip list is an example. Now I have 1 or 2 connection
 
You must log in or register to reply here.

Similar threads

datea.services
Question Attempts to exceed outgoing limits: log of mails not sent
Replies
4
Views
557
Peter Debik
P
D
Question Huge attack on Mailbox
Replies
13
Views
2K
learning_curve
learning_curve
QWeb Ric
Forwarded to devs Spam filtering stops working when mail forwarding is enabled
Replies
2
Views
1K
QWeb Ric
QWeb Ric
M
Question Spam sent by my server
Replies
12
Views
5K
MarkM
MarkM
A
Resolved Suddenly started with odd behavior and 401 errors last week
Replies
19
Views
3K
UFHH01
U
Back
Top