• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

spammers blokcking my inbound smtp

E

EzequielF

New Pleskian
Good afternoon, I´m having some problems with the inbound smtp sockets, we are receiving a constant attack from spammers, and they are taking all the sockets we have open for our users. We have enable SPF, greylisting, inbound control access through autentication, relay access with autentication also. but after some weeks we are on the same situation yet. We have spam assasin also installed as power pack from plesk, and we have add DSN black list from b.barracudacentral.org, bl.mailspike.net and bl.spamcop.net but we still suffer from this problem.

We have also try to increase the socket assigned to 200 and after some minutes they used all again and the CPU change increase up to 25% of the total capacity.

Any idea about how to resolve it please?

thank you in advance.
 
Javier P. said:
I have the same problem and I solved using this software and add to MailEnable Firewall the ip without permission.

http://www.digitalruby.com/securing-your-windows-dedicated-server/
Click to expand...

Thank you for the link, but with this program I could Ban IP that tried to connect to Exchange SMTP, not mailenable SMTP, for the other option that you mentioned that it´s to manually include the IP to the mailenable blacklist it´s a crazy thing as we have more that 200 sockeckt used per second so that could be a infinite scroll list.

There is any other option or software to automatically do this work?

thank you in advance.
 
I show my configuracion in the attach files.

img1.JPGimg2.JPGimg3.JPGimg4.JPG

I know, but in past I have the same problem and whit last configuracion, the IPBAN software all go right in 72h.

Then restart the server and wait 24-48h and you can see the inbound will be less ilegal connections. Then you can block range of ip or specific ip , because all conecion will be a boot or spider to make a brute force to get an smtp for spam.



*) My block ip list is an example. Now I have 1 or 2 connection
 
You must log in or register to reply here.

Similar threads

datea.services
Question Attempts to exceed outgoing limits: log of mails not sent
Replies
4
Views
1K
Peter Debik
P
D
Question Huge attack on Mailbox
Replies
13
Views
2K
learning_curve
learning_curve
QWeb Ric
Forwarded to devs Spam filtering stops working when mail forwarding is enabled
Replies
2
Views
1K
QWeb Ric
QWeb Ric
M
Question Spam sent by my server
Replies
12
Views
6K
MarkM
MarkM
A
Resolved Suddenly started with odd behavior and 401 errors last week
Replies
19
Views
4K
UFHH01
U
Back
Top