
Topic: Mail spamming (port 465)

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version: CentOS 7.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes, 2.4.9
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I have opened port 465 as one of our applications on Node uses it for sending system-generated emails.

I made the following configuration in /etc/postfix/master.cf:
-----------------------------------------------------------------------------------------
465     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o content_filter=smtp-amavis:[127.0.0.1]:10026
----------------------------------------------------------------------------------------

But many malicious attempts were made on this port for hacking mail IDs and sending spam mails.

So, after I blocked that port, changed passwords and blacklisted domains, everything now seems to be normal.
But port 465 is required by our app.
Which type of security can be done on it?


Re: Mail spamming (port 465)

saquib.akhtar wrote:

But many malicious attempts were made on this port for hacking mail IDs and sending spam mails.

Connection attempts don't mean your account was cracked; usually they're normal. You just need to run Fail2ban to block them.
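
The difference between failed attempts and an account that was actually cracked can be checked from the mail log. The following is an added example, not part of the original posts or of iRedMail: it counts SASL failures per client address on the postfix/smtps service (the syslog_name set in the master.cf entry above), which is the signal Fail2ban acts on, and lists accounts that logged in successfully from an address that also failed repeatedly. The log lines, addresses, account name and the threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in Postfix syslog format. Port 465 traffic is
# logged under postfix/smtps because of syslog_name in master.cf.
SAMPLE_LOG = """\
Aug  1 10:00:01 mail postfix/smtps/smtpd[2101]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  1 10:00:04 mail postfix/smtps/smtpd[2101]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  1 10:00:09 mail postfix/smtps/smtpd[2101]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  1 10:01:30 mail postfix/smtps/smtpd[2107]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  1 10:02:10 mail postfix/smtps/smtpd[2110]: 4A1B2C3D4E: client=unknown[203.0.113.5], sasl_method=LOGIN, sasl_username=app@example.com
Aug  1 10:03:00 mail postfix/smtps/smtpd[2115]: 7F6E5D4C3B: client=unknown[192.0.2.10], sasl_method=LOGIN, sasl_username=app@example.com
"""

# Failed SASL authentication on the port 465 service.
FAILED = re.compile(
    r"postfix/smtps/smtpd\[\d+\]: warning: \S+\[([0-9a-fA-F.:]+)\]: "
    r"SASL \S+ authentication failed"
)
# Successful authenticated submission: client address plus SASL username.
LOGIN_OK = re.compile(
    r"postfix/smtps/smtpd\[\d+\]: [0-9A-Za-z]+: client=\S+\[([0-9a-fA-F.:]+)\], "
    r"sasl_method=\S+, sasl_username=(\S+)"
)

def analyze(log_text, max_failures=3):
    """Return (addresses to ban, logins per account, suspicious logins)."""
    failures = Counter()
    logins = defaultdict(set)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            failures[m.group(1)] += 1
            continue
        m = LOGIN_OK.search(line)
        if m:
            logins[m.group(2)].add(m.group(1))
    # Addresses at or above the (assumed) failure threshold.
    to_ban = sorted(ip for ip, n in failures.items() if n >= max_failures)
    # A successful login from such an address suggests a guessed password.
    suspicious = sorted(
        (user, ip) for user, ips in logins.items() for ip in ips if ip in to_ban
    )
    return to_ban, dict(logins), suspicious

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

An empty third result means the failures were only attempts; any entry there is an account whose password should be changed.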