1

Topic: Block spam from gmail

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.0
- Deployed with iRedMail Easy or the downloadable installer? NO
- Linux/BSD distribution name and version: CentOS Linux release 8.3.2011
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? YES
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Most and at times ALL spam coming into my server are users from gmail.
How can I identify and block spam email coming from gmail?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Block spam from gmail

You should check the Amavisd log lines (in /var/log/maillog), try to figure out whether Amavisd + SpamAssassin detected it as spam and which spamassassin rules were matched.

3

Re: Block spam from gmail

No rules are matched, they are passing thru at an alarming rate.
They are being sent by gmail users.
Cant just add gmail.com or google.com to the black list as it will stop legit emails.

Any way to setup some sort of verification reply for those domains like gmail, yahoo, hotmail etc where the sender must replay to a manual verification email sent back before the email can be delivered?

4

Re: Block spam from gmail

sergiocesar wrote:

No rules are matched, they are passing thru at an alarming rate.

It should match at least one or two rules. What's the original log lines?

5

Re: Block spam from gmail

ZhangHuangbin wrote:
sergiocesar wrote:

No rules are matched, they are passing thru at an alarming rate.

It should match at least one or two rules. What's the original log lines?

Nope, it passes clean... here is an example:

Oct  7 08:40:22 ired3 postfix/qmgr[2610698]: 4HQCBG56g8z50nC: from=<dukecarterbp@gmail.com>, size=4792, nrcpt=1 (queue active)
Oct  7 08:40:22 ired3 amavis[2860500]: (2860500-03) Passed CLEAN {RelayedInbound}, [2a00:1450:4864:20::52f]:39854 [2a00:1450:4864:20::52f] ESMTP/ESMTP <dukecarterbp@gmail.com> -> <sergio@winc.net>, (ESMTPS://[2a00:1450:4864:20::52f]:39854), Queue-ID: 4HQCBG1fH6z50mb, Message-ID: <CACG2_aw9cgy7mdN9JdjfxKtQn=aW_8OLPwfd-2VE7rAQV_hYMw@mail.gmail.com>, mail_id: JRxhGCOI69Fq, b: ccgXhSN4j, Hits: -, size: 4257, queued_as: 4HQCBG56g8z50nC, Subject: "Plans To Bid", From: <dukecarterbp@gmail.com> (dkim:AUTHOR), helo=mail-ed1-x52f.google.com, dkim_i=@gmail.com, dkim_sd=20210112:gmail.com, 216 ms
Oct  7 08:40:22 ired3 amavis[2860500]: (2860500-03) Passed CLEAN, <dukecarterbp@gmail.com> -> <sergio@winc.net>, Hits: -, tag=0, tag2=6.2, kill=6.9, queued_as: 4HQCBG56g8z50nC, L/0/0/0

6

Re: Block spam from gmail

The log says “ Hits: -”, seems it’s whitelisted.