mailfilter in front of Directadmin

RaZer0r

Hi,

I have an appliance (MailCleaner) sitting in front of my mail traffic and would need to figure out the following:

My appliance is using the hostname: mailcleaner.breeze.be as hostname and tries to forward the mails to an internal DirectAdmin port (same subnet)

But when testing, I get:

2015-12-10 16:20:46 H=mailfilter.breeze.be (breeze.be) [192.168.70.57] rejected EHLO or HELO breeze.be: Bad HELO - Host impersonating domain name [breeze.be]

Directadmin server is listening for mails on 192.168.70.50 (and an external ip as well).
I tried adding the ip to /etc/virtual/whitelist_hosts_ip but that does not work... I used to make this work, but for some reason now it does not anymore...

Anyone who can shed some light?

Running latest SpamBlocker 4.4.3, I think

As soon as I get this working I'll be able to use the relaying function as well, but first things first ;-)
 
Hello,

There is no official 4.4.3 yet. http://files.directadmin.com/services/SpamBlocker/ You probably use 4.3.3.
The ACL which denies connections with the error you specified:

Code:
acl_check_helo:
  # accept mail originating on this server unconditionally
  accept  hosts = @[] : @
  # deny if the HELO pretends to be this host
    deny message = HELO_HOST_IMPERSANATION
      condition = ${if or { \
                            {eq{$sender_helo_name}{$smtp_active_hostname}} \
                            {eq{$sender_helo_name}{[$interface_address]}} \
                          } {true}{false} }
  # deny if the HELO is an IP address
    deny message = HELO_IS_IP
         condition   = ${if eq{$interface_port}{25}}
         condition   = ${if isip{$sender_helo_name}}
  # deny if hostname is ylmf-pc, which accounts for a HUGE percentage of BF attacks
    deny message = HELO_BLOCKED_FOR_ABUSE
         condition   = ${if eq{$sender_helo_name}{ylmf-pc}}
  # deny if the HELO pretends to be one of the domains hosted on the server
    deny message = HELO_IS_LOCAL_DOMAIN
        condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
        hosts = ! +relay_hosts
  accept

does not have any white- or skip-list. But you could try and add the IP of your mailcleaner server into

Code:
hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 11.22.33.44

replace 11.22.33.44 with your IP and keep in mind the modification.
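
Added example (not part of the thread and not SpamBlocker's own code): a Python model that replays the log line from the first post through the `acl_check_helo` rules in order, with and without the appliance IP in `relay_hosts`. It assumes breeze.be is in `local_domains`, uses a placeholder server hostname, reduces host lists to plain IP/CIDR entries, and the names `parse_helo`, `in_hostlist` and `check_helo` are hypothetical.

```python
import ipaddress
import re

# Exim log host field: "H=<verified name> (<HELO name>) [<client ip>]"
LOG_RE = re.compile(
    r"H=(?P<host>[^\s(\[]+)?\s*(?:\((?P<helo>[^)]+)\))?\s*\[(?P<ip>[^\]]+)\]")

def parse_helo(line):
    """Return (helo_name, client_ip) from an Exim log line, or None."""
    m = LOG_RE.search(line)
    # Exim omits the parenthesised HELO when it equals the verified name.
    return (m.group("helo") or m.group("host"), m.group("ip")) if m else None

def is_ip(text):
    try:
        ipaddress.ip_address(text)
    except ValueError:
        return False
    return True

def in_hostlist(ip, hostlist):
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(n, strict=False)
               for n in hostlist)

def check_helo(helo, ip, cfg, relay_hosts):
    """Walk the acl_check_helo rules in order and return the verdict."""
    if in_hostlist(ip, cfg["local_ips"]):  # simplified "hosts = @[] : @"
        return "accept"
    if helo in (cfg["hostname"], "[%s]" % cfg["interface"]):
        return "HELO_HOST_IMPERSANATION"
    if cfg["port"] == 25 and is_ip(helo):
        return "HELO_IS_IP"
    if helo == "ylmf-pc":
        return "HELO_BLOCKED_FOR_ABUSE"
    # The last deny needs both: HELO is a local domain AND host not a relay.
    if helo.lower() in cfg["local_domains"] and not in_hostlist(ip, relay_hosts):
        return "HELO_IS_LOCAL_DOMAIN"
    return "accept"

# Constructed settings (assumptions): breeze.be is hosted on the DirectAdmin
# server; "server.example.net" is a placeholder for its hostname.
CFG = {"local_ips": ["127.0.0.1", "192.168.70.50"], "port": 25,
       "hostname": "server.example.net", "interface": "192.168.70.50",
       "local_domains": {"breeze.be"}}
LOG = ("2015-12-10 16:20:46 H=mailfilter.breeze.be (breeze.be) "
       "[192.168.70.57] rejected EHLO or HELO breeze.be")

if __name__ == "__main__":
    print(check_helo(*parse_helo(LOG), CFG, []))
```

Under these assumptions the logged HELO name `breeze.be` is denied by the local-domain rule until 192.168.70.57 is listed in `relay_hosts`, while a HELO of `mailcleaner.breeze.be` passes every rule.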
 
Looks like Mailcleaner uses exim, so you should be able to just edit the primary_hostname in its exim.conf so that HELO should match the expected hostname.
 
Well, I did set the hostname to mailcleaner.breeze.be with DNS pointing to the external IP for the appliance. I'm just not sure why it is not accepting mails from it.

I tried with the pophosts file, but that did not work, so ended up whitelisting and getting the mails accepted that way.

Topic can be closed :)
 