1

Topic: iRedMail how to block SPAM

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04.3 64-bit
- Related log if you're reporting an issue: Oct 22 23:08:35 mail postfix/smtpd[10213]: NOQUEUE: reject: RCPT from 118-169-23-11.dynamic.hinet.net[118.169.23.11]: 504 5.5.2 <xxx.xxx.xxx.xxx>: Helo command rejected: need fully-qualified hostname; from=<ahzkt@yahoo.com.jp> to=<iansmart123@yahoo.com.tw> proto=SMTP helo=<xxx.xxx.xxx.xxx>

====

Hi Zhang,

The moment we migrated from the hmail server we were using and pointed the public IP to our Postfix server, mail.log immediately showed multiple errors like this. Is my server being used for SPAM? Though I can still send/receive, how can I prevent this from happening? Server load might be affected.

Is my server an open relay or something?


2

Re: iRedMail how to block SPAM

*) iRedMail is NOT open relay by default.
*) This error message is just normal: the sender's MUA didn't send a proper HELO identity, and iRedMail (Postfix) rejected it. Don't worry about this.

3

Re: iRedMail how to block SPAM

Thanks Zhang! Is there by any chance I can remove logging of that? I want to be able to at least read logs while using tail. It's just not possible with those HELO messages always popping up.

Or is it advisable that we block that IP address from our firewall?

4

Re: iRedMail how to block SPAM

freeda.suing wrote:

Is there by any chance I can remove logging of that? I want to be able to at least read logs while using tail. It's just not possible with those HELO messages always popping up.

Use tail with 'grep' please. If you don't like this message, just remove it with 'grep -v'.

freeda.suing wrote:

Or is it advisable that we block that IP address from our firewall?

Should be fine, but you must be very careful. Sometimes a normal mail server admin will make a mistake.
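
Added example (not part of the original thread and not iRedMail's own tooling): a shell sketch of the two suggestions above, hiding the HELO rejections from the log view with 'grep -v' and counting rejections per client IP before considering a firewall block. The function names, the threshold of 3, the /var/log/mail.log path and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the format of the log line quoted in the first post.
# IPs are documentation-range placeholders, not addresses from the thread.
sample_log() {
cat <<'EOF'
Oct 22 23:08:35 mail postfix/smtpd[10213]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 504 5.5.2 <192.0.2.1>: Helo command rejected: need fully-qualified hostname; from=<a@example.com> to=<b@example.net> proto=SMTP helo=<192.0.2.1>
Oct 22 23:08:41 mail postfix/smtpd[10213]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 504 5.5.2 <192.0.2.1>: Helo command rejected: need fully-qualified hostname; from=<c@example.com> to=<d@example.net> proto=SMTP helo=<192.0.2.1>
Oct 22 23:09:02 mail postfix/smtpd[10220]: NOQUEUE: reject: RCPT from mx.example.org[198.51.100.20]: 504 5.5.2 <mailhost>: Helo command rejected: need fully-qualified hostname; from=<e@example.org> to=<f@example.net> proto=SMTP helo=<mailhost>
Oct 22 23:09:10 mail postfix/smtpd[10213]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 504 5.5.2 <192.0.2.1>: Helo command rejected: need fully-qualified hostname; from=<g@example.com> to=<h@example.net> proto=SMTP helo=<192.0.2.1>
Oct 22 23:09:15 mail postfix/qmgr[1203]: 3F2A1C0A5E: from=<user@example.net>, size=1824, nrcpt=1 (queue active)
EOF
}

# Drop the HELO rejections from a log stream (the 'grep -v' suggestion).
# Live use (path assumed): tail -f /var/log/mail.log | hide_helo_rejects
hide_helo_rejects() {
    grep -v 'Helo command rejected'
}

# Count HELO rejections per client IP, busiest first: "<count> <ip>".
helo_reject_counts() {
    awk '/NOQUEUE: reject:/ && /Helo command rejected/ {
        # The client appears as "RCPT from hostname[ip]:" in smtpd reject lines.
        if (match($0, /RCPT from [^ ]*\[[0-9a-fA-F.:]+\]/)) {
            ip = substr($0, RSTART, RLENGTH)
            sub(/^.*\[/, "", ip)
            sub(/\]$/, "", ip)
            seen[ip]++
        }
    }
    END { for (ip in seen) print seen[ip], ip }' | sort -k1,1nr -k2,2
}

# List only IPs with at least $1 rejections. A single rejection can be an
# ordinary server with a misconfigured HELO, so review the list before
# blocking anything at the firewall.
repeat_offenders() {
    helo_reject_counts | awk -v min="$1" '$1 >= min { print $2 }'
}

# Demo on the constructed sample.
sample_log | helo_reject_counts
```

On a real host, feed the log file to the functions instead of sample_log, for example `helo_reject_counts < /var/log/mail.log`.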

5

Re: iRedMail how to block SPAM

Thanks Zhang! You may now close this post.
