| Abused: Full queue folder & ban IP question [message #105968] |
Sun, 01 September 2013 17:01  |
Spacey
Messages: 143
Registered: July 2011
|
|
|
|
Hi,
unfortunately one of my kerio mailaccounts has been bruteforced, hacked or whateverd - lots of spam was sended via that auth'ed account. I changed the password and now no more new spam is accepted. Already hardened my SMTP sending rules few minutes ago. Got a few questions:
1) Now I see in my security log the SMTP attempts from the bad guys -> mostly russian or polish IPs. Is there any chance to ban them within kerio? So that they're not able even to try to login? Didn't find anything...
2) My "/usr/local/kerio/mailserve/store/queue/" subfolders were full of spam - I moved the old queue directory to a save location and created a new one so Kerio can work with a clean queue folder. Kerio itself seems to work fine.
-> Problem was & is: I wasn't able to view the queue via the webinterface (it loaded the "show queue" screen forever). Is there any tool to view and handle a large queue folder? I want to view that folder any check out if there's anything importand non spam in it.
Thanks & Regards!
|
|
|
|
|
|
|
|
| Re: Abused: Full queue folder & ban IP question [message #105989 is a reply to message #105976] |
Mon, 02 September 2013 10:08  |
Spacey
Messages: 143
Registered: July 2011
|
|
|
|
Just putting the .eml files into an user directory doesn't work unfortunately.
Besides another question:
Is there an option that the server only allows to send emails from addresses that exist on the server?
Example: xyz<_at_>domain.com does not exist either as an username or an email alias and so Kerio won't allow to use that address as a "sent from"?
|
|
|
|
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
