Koozali.org: home of the SME Server

Filter outgoing mail?

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Filter outgoing mail?
« on: October 10, 2007, 05:33:05 AM »
Is it possible to filter outgoing mail from SME for non-domain/workgroup pc's?

Scenario: Small pc repair shop plugs pc into network to check for problems. Moments later ISP rings complaining about spam eminating from pc shops ADSL connection.

EDIT: I did a search, but didn't locate anything appropriate.
PS I'm using SME7.2 in gateway mode

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #1 on: October 10, 2007, 06:20:46 AM »
gippsweb

>...spam eminating from pc shops ADSL connection.

Do you have the smtp proxy enabled on your sme server ?
With the smtp proxy enabled, then the email client must be configured to use your mail server. If not configured, then mail should not be able to get sent, so don't configure the client PC's being repaired to use your mail server.

If you don't have the smtp proxy enabled, then rougue viruses on workstations can create their own software smtp server, or use an external smtp server to send spam etc. So it's better (safer) to enable the sme smtp proxy to protect against this scenario ie the virus won't know what smtp server to use.
...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #2 on: October 10, 2007, 06:45:48 AM »
Damn that was a quick reply Ray.

I should have mentioned that the SMTP proxy is on. (I figured it only worked on incoming mail as it figured anything on the LAN would be "safe")
We don't change any mail settings on clients PC's.

I have mail to unknown users set to reject (no good in this case as the mail is just passing through)
Virus scanning and Spam filtering on(Spam Filtering set fairly aggressively)
POP3 server access is set to private and public as we have a couple of remote users.

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #3 on: October 10, 2007, 07:22:17 AM »
gippsweb

Quote
.... SMTP proxy is on. (I figured it only worked on incoming mail as it figured anything on the LAN would be "safe")
We don't change any mail settings on clients PC's.

The smtp proxy forces local users to send mail via the sme server smtp mail server, to my undertanding it has nothing to do with incoming mail.

So you surmise that the phone call from your ISP, suggests the spam is coming from the recently connected customers PC under test. So how then is the mail getting from the PC to your sme server's mail server if you do not configure the client PC's to use your mail server ?

Did you check the qpsmtpd log files to see where the spam was really coming from ?

If spam email is being sent directly from the PC (not via your sme server), then the smtp proxy must be disabled.
...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #4 on: October 10, 2007, 07:40:00 AM »
Going by the qpsmtpd log, it's the recently connected pc causing the spam.

There has "never" been any need for us to change mail settings on a customers pc to connect to our SME pc.

The smtp proxy must be working as qpsmtpd is passing and logging the mail. SME appears to be virus scanning outgoing mail but not spam filtering.

Spam filtering on incoming mail definately works as it blocks more than 60% of incoming mail.

SMTP proxy is definately enabled. I've even disabled and reenabled it just to be sure.

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #5 on: October 10, 2007, 07:59:21 AM »
gippsweb

Quote
There has "never" been any need for us to change mail settings on a customers pc to connect to our SME pc.

Exactly how is the customers PC configured then to send email to your sme servers mail server ?
Surely you must need to have mail.yourdomain.com as the smtp & POP/IMAP servers setup in their email client, or are you talking about some other eg webmail system ?

...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #6 on: October 10, 2007, 08:17:50 AM »
After re-reading that it doesn't sound right does it  :?
The customers pc would be configured to send via there own isp.

Although this bug must to using it's own smtp engine as no email programs are open/running on it.

As SME thinks pc's on the LAN are safe (if thats the right way to look at it) is the machine relaying through it? Or am I just way to tired and looking at it all wrong.

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #7 on: October 10, 2007, 09:11:07 AM »
gippsweb

Quote
Although this bug must to using it's own smtp engine as no email programs are open/running on it.

That's typically what happens, and it can only connect to the outside world if your smtp proxy is disabled.

Are you sure we are referring to the same setting.
What output do these commands show ?

config show SMTPSmartHost

config show smtpd

...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #8 on: October 10, 2007, 09:30:47 AM »
config show SMTPSmartHost shows our ISP's mail server

config show smtpd
smtpd=service
    Authentication=disabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    status=enabled
    tnef2mime=enabled


Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: Filter outgoing mail?
« Reply #9 on: October 10, 2007, 04:16:55 PM »
You could enable smtp authentication for internal users: http://wiki.contribs.org/Email#How_do_I_enable_smtp_authentication_for_users_on_the_internal_network.

Or you could block outgoing traffic from unauthorized computers using http://bugs.contribs.org/show_bug.cgi?id=2977

I'd recommend something like this:

Code: [Select]
Internet
   |
Router----DMZ->SME----Work_PCs
   |
Client_PCs

Then make a rule on 'Router' that blocks everything except 80 & 443 from every system except the SME...  This solution will prevent "sick" client computers from pushing windows viruses onto your office computers... 

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #10 on: October 12, 2007, 05:38:11 AM »
Whats the difference between smtpd and qpsmtpd?

I added smtp authentication for internal users as per the wiki and did a config show smtpd, it still shows Authentication=disabled
I did a config setprop smtpd Authentication enabled
was this correct or should I have left it disabled?

Anyway having followed the wiki for setting authentication didn't stop the spam flowing outwards, I am about to try again since changing the other setting.

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #11 on: October 12, 2007, 07:37:28 AM »
gippsweb

I would have thought the more important task was to virus scan the errant PC and remove the virus that is sending the mail, before reconnecting to the Internet.
...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #12 on: October 12, 2007, 07:43:09 AM »
You are dead right Ray, and that is what will happen.

The issue is that this pc didn't come in for this and although it only ran for 10 minutes, I got caught unawares. I want to stop this unfortunate event from accidentally happening again. Hence trying to find a way to stop it.


Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #13 on: October 12, 2007, 01:12:46 PM »
gippsweb

Try this
http://forums.contribs.org/index.php?topic=37821.0

You will need to do

mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
cp /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/05auth_cvm_unix_local .
signal-event email-update

(note the "." at the end of the 3rd line)
Authentication for the local network will now follow the setting of config::qpsmtpd::Authentication

Then do
config setprop qpsmtpd Authentication enabled 
signal-event email-update

Then
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/relayclients
echo "# SMTP Relay from local network denied by custom template" >\
/etc/e-smith/templates-custom/var/service/qpsmtpd/config/relayclients/80relayFromLocalNetwork
signal-event email-update

In all your email clients,
change outgoing smtp port to 465 and select SSL and
enable Authentication against the outgoing mail server

« Last Edit: October 12, 2007, 02:20:46 PM by RayMitchell »
...

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #14 on: October 12, 2007, 02:24:19 PM »
gippsweb

Quote
I did a config setprop smtpd Authentication enabled
was this correct or should I have left it disabled?

Wrong key, it should have been qpsmtpd. Leave it disabled, so do

config setprop smtpd Authentication disabled
signal-event email-update

...

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Filter outgoing mail?
« Reply #15 on: October 12, 2007, 02:26:21 PM »
gippsweb

Please let us know if the procedures suggested do in fact stop the spam coming from that PC when you reconnect it (without having cleaned it as yet, of course).
...

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #16 on: October 14, 2007, 06:07:11 AM »
That looks like it may have worked Ray  :-P The daily report shows 3246 email and 3246 blocked due to non conformance.
It appears we have had a win.
Thank you both Ray an mmcarn for your advice. Now to formatting this customers PC and reinstalling the OS, there is just no cleaning this one.....

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #17 on: September 13, 2008, 02:02:48 AM »
Sorry to resurrect an old post... but the instructions on the link did not work for me with 7.3 and latest updates (as of today).

I had to do the following, it didn't work otherwise:
Code: [Select]
config setprop smtpd Authentication enabled
signal-event email-update

http://wiki.contribs.org/Email#How_do_I_enable_smtp_authentication_for_users_on_the_internal_network.

Can anyone enlighten me on what upcoming trouble I have set myself up for?

p.s. Outlook 2007 sucks hard!



gippsweb

Wrong key, it should have been qpsmtpd. Leave it disabled, so do

config setprop smtpd Authentication disabled
signal-event email-update



Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #18 on: September 13, 2008, 02:19:25 AM »
config setprop qpsmtpd Authentication enabled
signal-event email-update

should be the key to locking down your network internally.
not the one you tried, as that is the same mistake I made just as you have pointed out in your post...

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #19 on: September 13, 2008, 02:23:21 AM »
Ok, but I did the command with qpsmtpd, it didnt work. I even did the post command and rebooted. It wasn't until after I set smtpd enabled that it worked on the local lan.

Is the instruction on the wiki incorrect? Should it say smtpd instead of qpsmtpd?
If not, why did setting the property for smtpd work when qpsmtpd did not?

Thanks for that super quick response!

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #20 on: September 13, 2008, 02:56:03 AM »
What is it you are attempting to do?
In my case we do a lot of PC repairs and needed to stop unsolicited mail from any internal PC that wasn't authenticated from leaving the network. (It was upsetting my ISP)..

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #21 on: September 13, 2008, 03:00:22 AM »
All I need to do is overcome the stupid Outlook 2007 smtp auth errors inside the lan.

I have roadwarriors that need to have one setting, smtpauth, regardless of whether they are inside the lan or out. Outlook03 and down work fine, Outlook07 fails. The fixes all over the internet, including this board, say turn off smtpauth on the client, but that won't work for me, because I can't expect my clients to go into the mail account properties and turn on and off the smtpauth on their email account whenever they come in and out of the lan.

Thanks.

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #22 on: September 13, 2008, 03:18:33 AM »
On mine with auth turned on I can use the secure settings both in and outside my lan.
The only issue I have is on the first check when outlook starts it pops up a message about the security certificate not being correct, but that is because its a self signed cert for my use only.
I could get a cert for it but its not really needed in my situation.

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #23 on: September 13, 2008, 03:20:29 AM »
I don't get that. Of course, I am not using ssl for smtp yet, I don't want to do it until the server is in place for a bit and it I have the kinks worked out, then I will get a cert and enable ssl.

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #24 on: September 13, 2008, 03:26:41 AM »
If you have done a

config setprop qpsmtpd Authentication enabled
signal-event email-update

then all internal mail will have to pass through the sme mail server. ie; someone who has a home account with there own provider setup behind the sme box on a pc or laptop will not be able to sent mail out of the internal network.

If this is not what you want then leave it disabled.

Road warriors will only be able to connect using ports 465 and 995 with SSL and should be able to do the same internally. If you have set them up using standard type mail settings using ports 25 and 110 they won't be able to connect when on the road..

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #25 on: September 13, 2008, 03:37:16 AM »
jptechnical

From
http://wiki.contribs.org/Email#How_do_I_enable_smtp_authentication_for_users_on_the_internal_network.

It says implementing those changes will then cause your system to follow the setting of config::qpsmtpd::Authentication

which is the part that says (in this thread) re a db setting
config setprop qpsmtpd Authentication enabled
signal-event email-update

Are you sure you followed the instructions carefully & accurately ?
Please check what you did again.

Have you also disabled smtp relay for unauthenticated local users ?
See
http://wiki.contribs.org/Email#How_do_I_disable_SMTP_relay_for_unauthenticated_LAN_clients

The whole idea of forcing smtp authentication for local (or external users) is to have secure access to your email system. You need to disable local smtp relay for unauthenticated users ie so users can only use the authenticated connection method.

I suggest/guess that you have not setup your user authentication correctly in the email clients.

From a system where this has been setup & is working:
config show qpsmtpd

qpsmtpd=service
    Authentication=enabled
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:sbl-xbl.spamhaus.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    qplogsumm=disabled
    status=enabled

config show smtpd
smtpd=service
    Authentication=disabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=disabled
    access=public
    status=enabled
    tnef2mime=enabled

Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #26 on: September 13, 2008, 04:17:25 AM »
I broke the forum  :shock:

I only want to add smtpauth inside the lan, I don't want to disable unauth relay (have a couple old coper/printers that scan to email and do not do smtpauth).

That said, the only difference in your config and my own is the addition of smtpd auth enabled. And it presently works. If I disable smtpd auth, it stops working (outlook 2007 throws up authentication error). I don't think it makes me an open relay, I redirected my port25 to this box, and then setup a remote client to send through it, it got relay denied without smtpauth, but then relayed fine with smtpauth back on in the client. *** edit, I redirected the port again and ran the abuse.net relay test, all pass, no relay ***

Since it is now doing exactly what I want it to do, why didn't the instructions to turn on smtp auth work? And, what harm will there be in having smtpd auth enabled in addition to qpsmtpd auth enabled? (Looking at your config and mine, the only difference was smtpd auth enabled and public instead of private)
« Last Edit: September 13, 2008, 04:19:42 AM by jptechnical »

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #27 on: September 13, 2008, 04:40:29 AM »
jptechnical

Quote
If I disable smtpd auth, it stops working (outlook 2007 throws up authentication error)

As I understand it, all incoming & outgoing mail transactions are handled by qpsmtpd, so I'm not sure why you need to play around with smtpd settings. It suggests something is wrong elsewhere. What does the error message from Outlook exactly say ?

Have you setup your email client correctly to authenticate ?
ie
Configure your email clients to use smtps with authentication:
- change outgoing smtp port to 465 and select SSL
- enable Authentication against the outgoing mail server


Did you enable secure smtp in server manager Email panel ?


Quote
I only want to add smtpauth inside the lan, I don't want to disable unauth relay

OK that's fair enough, it just means both methods will work locally.

Here is the output from another system which does not have smtp authentication enabled.
Note there is no Authentication entry under the qpsmtpd key

config show qpsmtpd

qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    Instances=5
    LogLevel=8
    MaxScannerSize=55000000
    RBLList=zen.spamhaus.org:whois.rfc-ignorant.org
    RHSBL=disabled
    RequireResolvableFromHost=yes
    SBLList=dsn.rfc-ignorant.org
    access=public
    qplogsumm=disabled
    status=enabled


config show smtpd

smtpd=service
    Authentication=disabled
    Instances=10
    InstancesPerIP=2
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    disclaimer=disabled
    status=enabled
    tnef2mime=enabled


You really should disable that smtpd entry ie do
config setprop smtpd Authentication disabled
signal-event email-update
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #28 on: September 13, 2008, 07:20:26 AM »
I copied and pasted the commands for making a new dir and copying the template, didn't forget the period at the end... but I am still cutting my teeth on sme, so I was going completely on trust. I didn't follow the next step of disabling relay because I didn't understand what it was doing or whether or not I could un-do it.

Here you go. Now that smtpd auth is disabled, I get this error on outlook 2007 with smtpauth in the account config, but NOT in outlook 2003 with the same settings.

On the outlook07 with smtpauth turned on in the account settings, I get this error:
http://www.google.com/search?q=0x800ccc80 
http://forums.contribs.org/index.php?topic=38580.0   - no followup
http://forums.contribs.org/index.php?topic=39677.0   - this was a patch in january, but the updates were after April... this get missed in the updates... never made it out of test? Besides, smeserver-qpsmtpd-1.2.1-53.el4.sme.noarch.rpm is listed as the patch, but yum info shows this is the version of qpsmtpd (would have saved 15mins of figuring out how to find that package if qpsmtpd had a -v argument! I gotta learn my around this.)
Code: [Select]
Name   : smeserver-qpsmtpd
Arch   : noarch
Version: 1.2.1
Release: 54.el4.sme

This is on 2 new computers, xpsp2 with no AV on it yet, so there is no chance it is AV related.

On outlook03 with the EXACT same config, it goes through with no issue.

The MINUTE I enable auth in smtpd the error goes away in 07 and the email is delivered... exactly as expected.

Perhaps this is a bug? Maybe something needs to be updated since Outlook07. In any case, the instructions for turning on smtpauth in pqsmtpd do not work with Outlook07. Again... I hate Outlook07!

settings with smtpdauth off
Code: [Select]
[root@sme ~]# config setprop smtpd Authentication disabled
[root@sme ~]# signal-event email-update
[root@sme ~]# config show qpsmtpd
qpsmtpd=service
    Authentication=enabled
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:sbl-xbl.spamhaus.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    qplogsumm=disabled
    status=enabled
[root@sme ~]# config show smtpd
smtpd=service
    Authentication=disabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    status=enabled
    tnef2mime=enabled

settings with smtpdauth on
Code: [Select]
[root@sme ~]# config setprop smtpd Authentication enabled
[root@sme ~]# signal-event email-update
[root@sme ~]# config show qpsmtpd
qpsmtpd=service
    Authentication=enabled
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:sbl-xbl.spamhaus.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    qplogsumm=disabled
    status=enabled
[root@sme ~]# config show smtpd
smtpd=service
    Authentication=enabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    status=enabled
    tnef2mime=enabled
[root@sme ~]#

ooh, I like the scrolling text boxes for code, saves so much page!

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #29 on: September 13, 2008, 07:37:28 AM »
Just for grins, I did it again:

Code: [Select]
[root@sme ~]# mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
[root@sme ~]# cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
[root@sme local]# cp /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/05auth_cvm_unix_local .
cp: overwrite `./05auth_cvm_unix_local'? y
[root@sme local]# signal-event email-update
[root@sme local]# config setprop smtpd Authentication disabled
[root@sme local]# signal-event email-update
[root@sme local]# config show qpsmtpd
qpsmtpd=service
    Authentication=enabled
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:sbl-xbl.spamhaus.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    qplogsumm=disabled
    status=enabled
[root@sme local]# config show smtpd
smtpd=service
    Authentication=disabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=enabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    status=enabled
    tnef2mime=enabled

I verified that this is for both relayed messages and messages for local delivery. Again, same result, even after going through the same steps again.

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #30 on: September 13, 2008, 01:59:39 PM »
jptechnical

I don't have Outlook 2007 so I cannot test it.
This bug seems (amongst other things) to suggest setting problems in Outlook 2007
see post 13 & 14 for example

http://bugs.contribs.org/show_bug.cgi?id=2631

If you think the bug still exists despite supposed fixes having been released, then you should either add to the existing bug report or create a new bug (if you think your issue is different).

Bug reports here in the forums will not get the issue fixed, if there is an issue.
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #31 on: September 13, 2008, 03:05:05 PM »
gippsweb & jptechnical

Quote
The only issue I have is on the first check when outlook starts it pops up a message about the security certificate not being correct, but that is because its a self signed cert for my use only.

The self signed certificate should work quite OK. Make sure it is installed in your browser(s) (IE), and also access your mail server using
servername.yourdomain.com
rather than
mail.yourdomain.com
ie to match what is on the self signed certificate

Same thing with accessing https websites
ie use
https://servername.yourdomain.com/webmail
or whatever (this must of course be configured to resolve in external DNS eg you need to set the wildcard for *.domain.com)
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline jptechnical

  • **
  • 68
  • +0/-0
Re: Filter outgoing mail?
« Reply #32 on: September 13, 2008, 05:04:43 PM »
*** edit Nevermind on that, I will find the howto and instructiosn when I need it and am ready, Don't need to further hijack this thread ***

How can I regenerate a self-signed cert then? The internal domain is mydomain.corp, but the addon-domain for email is mydomain.com. I can change the external domain entry to sme.mydomain.com, but not the internal domaind and workgroup.
« Last Edit: September 13, 2008, 06:25:07 PM by jptechnical »

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #33 on: September 14, 2008, 04:46:02 AM »
jptechnical

Quote
How can I regenerate a self-signed cert then?

signal-event post-upgrade
signal-event reboot

But why do you need to regenerate it ?

The domain referred in the self signed certificate is the main or primary domain name given to the server when you first set it up using the admin console eg mydomain.com.
The servername is the name you first gave the server when it was initially setup.
You will see these displayed at the top of the server manager screen.

The Windows Domain and workgroup name have nothing to do with it.
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline nefkho

  • ****
  • 183
  • +0/-0
    • http://www.cagothonglines.com
Re: Filter outgoing mail?
« Reply #34 on: March 11, 2010, 12:10:33 AM »
hi, anyone done this successfully, i did follow it but now my webpage age gone server-manager is gone all i get is "The connection was reset" all i want is to have my LAN email authenticated. :(

help please.. but accesss other site is ok.
Nef Kho  :-) .........

Offline gippsweb

  • ****
  • 232
  • +0/-0
    • Wots I.T.?
Re: Filter outgoing mail?
« Reply #35 on: March 11, 2010, 12:28:20 AM »
Yep, have had it successfully filtering our workshop since my original post here.
I don't understand how you could have lost all your http unless you have mistyped one of the instructions.

It works quite well here & regularly stop 10-20k mails from infected PC's

Offline nefkho

  • ****
  • 183
  • +0/-0
    • http://www.cagothonglines.com
Re: Filter outgoing mail?
« Reply #36 on: March 11, 2010, 12:55:04 AM »
thanks, are there copy of how were i can follow clearly have not sleep yet  :shock:
Nef Kho  :-) .........

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Filter outgoing mail?
« Reply #37 on: March 11, 2010, 02:18:10 AM »
nefkho
Quote
are there copy of how were i can follow clearly have not sleep yet

Please read available information already provided in this thread and in the FAQ.

http://wiki.contribs.org/Email#How_do_I_enable_smtp_authentication_for_users_on_the_internal_network

http://wiki.contribs.org/Email#How_do_I_disable_SMTP_relay_for_unauthenticated_LAN_clients
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline nefkho

  • ****
  • 183
  • +0/-0
    • http://www.cagothonglines.com
Re: Filter outgoing mail?
« Reply #38 on: March 13, 2010, 02:05:44 AM »
thanks,

i got it working now... :)

gippsweb how do you know the number of drop/block email send by the infected pc'?

thanks,
Nef Kho  :-) .........