cygbr

  • Jul 29, 2023
  • Joined May 2, 2023
  • Hi D4niel

    The mail server connecting in this case is pretending to be my mail server!
    I would have expected the emails to be rejected without reaching the spam filtering process.

    Now that ipv6nat-mailcow is up, when trying to reproduce the issue I get "554 5.7.1 This message does not meet our delivery requirements", as expected.

  • So in the end I found out that ipv6nat-mailcow was missing from my docker-compose file, I’m not sure why updates didn’t add it. Now I can see the real IPv6 in the logs.

  • Thanks for your reply esackbauer

    I did further tests: I SSHed into another server that is hosted by the same provider (could that explain it?), then I used telnet to connect directly to the SMTP port, and was able to send an email to myself from the admin@ user without having to authenticate. How is that possible?!

    • Hi @luchris,

      Thanks for the reply.

      I also have the same values in my main.cf:

      I haven’t changed any config file.

      Also, I did a check on mxtoolbox.com and it says:

      I see that some emails are received from public IPs, but some are coming from the same internal (I believe) IPv6 address: fd4d:6169:6c63:6f77::1, which is the origin IP for both legit emails and the relayed ones.

    • Hello community,

      I’ve recently noticed in Rspamd that some emails were neither from nor to any of the users listed in my Mailcow instance, so they were relayed without authentication, but I haven’t put any rule in place to allow such a thing.

      Here is an example from the logs; none of the domains are related to my MC instance:

      Any idea how this was made possible? The instance was created a few years ago and has been regularly updated.

      Thank you!

        • Best Answer set by cygbr

        So in the end I found out that ipv6nat-mailcow was missing from my docker-compose file, I’m not sure why updates didn’t add it. Now I can see the real IPv6 in the logs.