My activities New request

contact atmail support

PH: +61 (7) 5357-6605

support@atmail.com

Follow

Blocking spammers based on SMTP HELO command

Stewart -

PROBLEM
Spammers are abusing my machine.

ENVIRONMENT

  • On-Premise Server + WebMail Installations: Version 6.0 > Current Version

CAUSE
If you are noticing a spammer is abusing your machine which is identifying with a common "HELO" command via SMTP, you can optionally deny all messages which match this rule.

For example a spammer might be identifying to your server with a fake HELO command which is common for all SMTP transactions.

RESOLUTION

  1. Edit /usr/local/atmail/mailserver/configure
  2. In the ACL
    acl_check_rcpt:
  3. You can append the new rule below for the HELO check
    deny message = HELO not allowed
    condition = ${if eq{$sender_helo_name}{spammer.com}{yes}{no}}
  4. Copy the rule for each domain you wish to check.
  5. Restart the Atmail services and the new HELO check is live.
    # telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.localdomain (127.0.0.1).
    Escape character is '^]'.
    220 nexus.local.atmail.com Welcome to the @Mail SMTP Server ( Exim )
    helo spammer.com
    250 nexus.local.atmail.com Hello localhost [127.0.0.1]
    mail from: test@test.com
    250 OK
    rcpt to: test@nexus.atmail.com
    550 HELO not allowed


 

 

Have more questions? Submit a request

Comments