X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=customer.acklnzl1.pop.starlinkisp.net; envelope-from=<surgemail-support@netwin.co.nz>;
X-Received: from [192.168.1.169] (customer.acklnzl1.pop.starlinkisp.net [206.83.102.135])
by netwin.co.nz (SurgeMail 7.7d) with ESMTP (TLS) id 6153982-1391920
for <surgemail-list@netwin.co.nz>; Tue, 21 Feb 2023 00:09:30 +0000
X-Return-Path: surgemail-support
Message-ID: <d941bbca-92fb-e56c-ab80-61ac637ff079@netwin.co.nz>
Date: Tue, 21 Feb 2023 13:09:27 +1300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
Thunderbird/102.7.2
Subject: Re: [SurgeMail List] SMTP Auth on smart host
Content-Language: en-US
To: surgemail-list@netwin.co.nz
References: <5ee5ec1d-f00b-f0d5-7765-65ea38ea3283@lcrcomputer.info>
From: Surgemail Support
In-Reply-To: <5ee5ec1d-f00b-f0d5-7765-65ea38ea3283@lcrcomputer.info>
Content-Transfer-Encoding: 8bit
X-Qnum: 6153982
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-Info: aspam skipped due to (g_smite_skip_relay)
X-Dmarc: quarantine, from=surgemail-support@netwin.co.nz, dkim=Failed known=True Trusted spf=True
X-Encryption: SSL encrypted
X-IP-stats: Incoming Last 1, First 8, in=71, out=0, spam=0 ip=206.83.102.135
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
You can set:
g_smtp_portauth "587,465"
g_smtp_portforce "true"
ChrisP.
On 21/02/2023 1:03 pm, Lyle Giese wrote:
> I am running a smart host using the community edition of Surgemail. No
> mailboxes. Simply forwarding inbound and outbound email from my
> servers at home(registered Surgemail servers).
>
> I am getting a lot of Auth attempts via port 25:
>
> 2023-02-20 00:09:24.80:2993407744: 535 Login not permitted domain does
> not exist (payroll@70.35.205.71) (70.35.205.71) 185.254.37.70
> 2023-02-20 00:22:00.18:2996049664: 535 Login not permitted domain does
> not exist (production@70.35.205.71) (70.35.205.71) 185.254.37.70
> 2023-02-20 00:34:35.46:2993407744: 535 Login not permitted domain does
> not exist (program@70.35.205.71) (70.35.205.71) 185.254.37.70
> 2023-02-20 00:47:09.81:2996049664: 535 Login not permitted domain does
> not exist (rafael@70.35.205.71) (70.35.205.71) 185.254.37.70
> 2023-02-20 00:59:45.80:2994464512: 535 Login not permitted domain does
> not exist (reception@70.35.205.71) (70.35.205.71) 185.254.37.70
> 2023-02-20 01:12:31.39:2994464512: 535 Login not permitted domain does
> not exist (remote@70.35.205.71) (70.35.205.71) 185.254.37.70
>
> I did verify the connects are via port 25. I use a different port
> with auth enabled for outbound email from my servers.
>
> Is there a way to disallow auth attempts on port 25? If someone tries
> to authenicate on port 25, drop them.
>
> Thanks,
> Lyle Giese
>
>
|