help centre
For more info visit status.atmail.com

How can we help?


Search our knowledge base for answers to
common questions and latest updates.



My activities New request

Follow

Blocking spammers based on SMTP HELO command

Stewart -

PROBLEM
Spammers are abusing my machine.

ENVIRONMENT

  • On-Premise Server + WebMail Installations: Version 6.0 > Current Version

CAUSE
If you are noticing a spammer is abusing your machine which is identifying with a common "HELO" command via SMTP, you can optionally deny all messages which match this rule.

For example a spammer might be identifying to your server with a fake HELO command which is common for all SMTP transactions.

RESOLUTION

  1. Edit /usr/local/atmail/mailserver/configure
  2. In the ACL
    acl_check_rcpt:
  3. You can append the new rule below for the HELO check
    deny message = HELO not allowed
    condition = ${if eq{$sender_helo_name}{spammer.com}{yes}{no}}
  4. Copy the rule for each domain you wish to check.
  5. Restart the Atmail services and the new HELO check is live.
    # telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.localdomain (127.0.0.1).
    Escape character is '^]'.
    220 nexus.local.atmail.com Welcome to the @Mail SMTP Server ( Exim )
    helo spammer.com
    250 nexus.local.atmail.com Hello localhost [127.0.0.1]
    mail from: test@test.com
    250 OK
    rcpt to: test@nexus.atmail.com
    550 HELO not allowed


 

 

Have more questions? Submit a request

Comments


Contact our support team


+61 (7) 5357 6605       support@atmail.com