
Topic: Backscatter Spam when using iRedMail as proxy for Exchange

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.3
- Linux/BSD distribution name and version: Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello!

On some installations we are using iRedMail as proxy for incoming email and web reverse-proxy for Exchange.

This allows the use of free Let's Encrypt certificates and caching of email if Exchange is down for maintenance. Eventually adding a level of security by not exposing Exchange directly to the Internet.

Now, we are observing that the mail queue of the iRedMail server is getting populated by spam. These spam emails are not sent from the inside Exchange as that is a new installation.

It started when we put the system online.

It looks very much like backscatter spam.

Question: What needs to be done in order to solve that problem? I do not want my email queue to be full of trash.

Deleting the mail queue regularly is my current approach but this does not solve the problem.

Help would be very appreciated.

Thank you!

Best regards,
Bernhard

----

Re: Backscatter Spam when using iRedMail as proxy for Exchange

Try to configure Postfix on iRedMail to query Active Directory, so that Postfix knows the email addresses of local users; this way it can reject the emails which are sent to non-existing addresses.

relay_domains =
relay_recipient_maps =
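
The setup suggested in the reply above, written out as an added example (not part of the original post and not iRedMail's own configuration). The domain, domain controller host name, bind account and lookup file name are placeholder assumptions, and any values iRedMail already placed on the two main.cf lines should be kept alongside the new ones.

```cfg
# --- /etc/postfix/main.cf (relevant lines only) ---
# Domains accepted here and relayed on to Exchange (placeholder domain).
relay_domains = example.com
# Valid recipients in those domains, looked up in Active Directory.
# With this map set, Postfix refuses unlisted relay recipients during the
# SMTP session (RCPT TO), so nothing is queued and no bounce is later sent
# to a forged sender address.
relay_recipient_maps = ldap:/etc/postfix/ad_relay_recipients.cf
unknown_relay_recipient_reject_code = 550

# --- /etc/postfix/ad_relay_recipients.cf ---
# Hypothetical file name. It contains a password: owner root, group postfix,
# mode 0640.
server_host = ldap://dc1.example.internal
version = 3
# Protect the bind password and lookups in transit.
start_tls = yes
tls_require_cert = yes
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
# Read-only service account used only for this lookup (placeholder DN).
bind = yes
bind_dn = CN=postfix-lookup,OU=Service Accounts,DC=example,DC=internal
bind_pw = REPLACE_WITH_SERVICE_ACCOUNT_PASSWORD
search_base = DC=example,DC=internal
scope = sub
# Match the primary address or any alias. No objectClass restriction, so
# mail-enabled groups and contacts are accepted as recipients too.
query_filter = (|(mail=%s)(proxyAddresses=smtp:%s))
# Only the existence of a result matters for relay_recipient_maps.
result_attribute = mail

# Check a lookup before reloading Postfix (Ubuntu needs the postfix-ldap package):
#   postmap -q user@example.com ldap:/etc/postfix/ad_relay_recipients.cf
# An existing address prints a value; an unknown one prints nothing and
# returns a non-zero exit status.
```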