Accepting E-Mail from website on 3rd-party Webserver

Problems/questions regarding the MailCleaner configuration

Moderators: FlorianB, Pascal, bourgeois, mentor

colin1256
Posts: 5
Joined: Fri Jun 23, 2017 6:48 am
How did you hear about Mailcleaner: IT-Vendor

Accepting E-Mail from website on 3rd-party Webserver

Postby colin1256 » Fri Jun 30, 2017 8:29 pm

Hello everyone,

I need some help with the configuration of our MailCleaner 2014 installation.

We have our website sample-sitename.de hosted on a third-party virtual server outside of our network (at our ISP's Datacenter).

If visitors to the site fill out the feedback form, the site sends an e-mail with from-address feedback@sample-sitename.de to info@sample-sitename.de

Unfortunately, mailcleaner filters these e-mails out whenever I have "Reject unauthorized messages from this domain" enabled for sample-sitename.de.

With this option disabled, the number of incoming spam-mails has (naturally) shot through the roof.

Could anyone recommend a better configuration? I have already tried adding the external server to the trusted sites-/IP-List, but it was no use.

Thank you very much in advance!


Best regards


Colin
uncltom
Posts: 495
Joined: Tue Aug 26, 2008 3:01 am
How did you hear about Mailcleaner: I dont remember probably google?
Location: Spokane, WA

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby uncltom » Sat Jul 01, 2017 1:23 am

Is your SPF record setup properly listing your outbound email server (mailcleaner or what ever it is) and the IP of the ISP?

Also have you tried adding your ISP's server IP address to configuration -> smtp -> connection control -> Allow external relaying for this host. I think this would make it an authorized connection.

What about add the from address as the address to the whitelist?

Can your ISP use mailcleaner as a smart host for your form?

How about sending straight to your email server allowing the ISP's server address to connect to the smtp connector avoiding mailcleaner all together?

Can the ISP use a email address/domain that is not part of mailcleaner for the from address?

I understand your issue but I have never tried to do this. :)
cglmicro
Posts: 255
Joined: Thu Mar 07, 2013 2:12 am
How did you hear about Mailcleaner: google

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby cglmicro » Sat Jul 01, 2017 3:58 am

I also think SPF will do the trick!
Many of my customers have external servers that send mail on behalf of them to themselves.
colin1256
Posts: 5
Joined: Fri Jun 23, 2017 6:48 am
How did you hear about Mailcleaner: IT-Vendor

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby colin1256 » Mon Jul 03, 2017 2:25 pm

Thank you all, I will try that and let you know!

- Colin
colin1256
Posts: 5
Joined: Fri Jun 23, 2017 6:48 am
How did you hear about Mailcleaner: IT-Vendor

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby colin1256 » Fri Jul 07, 2017 9:12 am

Dear all,

I have added SPF-Entries for our external mailserver and re-enabled the option.

Unfortunately, now the e-mails from the website are being rejected again.

Mailcleaner rejects the message with:
Incoming MTA stage: 2017-07-07 10:08:25 H=sending.server.tld [IP-Address] F=<noreply@somesite.de> rejected RCPT <user@somesite.de>: This domain does not accept mail from itself (spoofing)

Any idea on what I can do to explicitly allow mail to myself from the particular host of the site?

Thanks!

Colin
FlorianB
Posts: 242
Joined: Wed Apr 01, 2015 2:27 pm
How did you hear about Mailcleaner: job

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby FlorianB » Fri Jul 07, 2017 10:32 am

Hello,
A web form on a site is not an MTA so message should never be sent directly to destination servers.
Here the blocking is caused by the option : "Reject unauthorized messages from this domain".
You should test using SMTH authentication as this option reject spoofing domains when the message doesn't use SMTP auth.
Or change your web form code to act as a normal smtp client.
Best regards,
Florian Billebault
MailCleaner Team
colin1256
Posts: 5
Joined: Fri Jun 23, 2017 6:48 am
How did you hear about Mailcleaner: IT-Vendor

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby colin1256 » Fri Jul 07, 2017 2:06 pm

Florian,

thank you very much for your quick reply.

I believe the Feedback form is currently using the postfix or whatever SMTP-component is on the outside web-server to send these messages. This is then resolving the MX entry for our TLD and tries to send the message.

The flow then is as follows: Our ISP has an inbound e-mail relay (with some basic antispam capabilities), which receives the e-mail and forwards it to MailCleaner, where its then being rejected.

I will speak to our web-developers if they can change the behavior of their feedback form.

Best regards

Colin
uncltom
Posts: 495
Joined: Tue Aug 26, 2008 3:01 am
How did you hear about Mailcleaner: I dont remember probably google?
Location: Spokane, WA

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby uncltom » Sun Jul 09, 2017 5:49 am

I would also consider getting rid of the ISP gateway. Mailcleaner has very good AV filtering with ClamAV and you can add bitdefender as well. Obviously MC can handle spam too. I like clean and simple. This way when I look at the mailcleaner tracing I know this is all of the incoming connections in one place.

Just my opinion...
colin1256
Posts: 5
Joined: Fri Jun 23, 2017 6:48 am
How did you hear about Mailcleaner: IT-Vendor

Re: Accepting E-Mail from website on 3rd-party Webserver

Postby colin1256 » Mon Jul 10, 2017 5:04 am

uncltom: thanks for your input! Overall, I tend to agree with you, however we have had a couple of connection-outages and/or internal server-outages throughout the years where the ISP-Relay has come in as a life-safer because it cached all inbound e-mails longer than a typical server will want to re-attempt sending. So right now, I am reluctant to do away with it.

Return to “Configuration”

Who is online

Users browsing this forum: No registered users and 3 guests