Hi guys,
I would like to stop using port 25, I see this port is where all the attacks take place in hetzner's datacenter on all the servers I am renting from there.
So I would like to close the port 25 and 2525 for good and use, as a current age, 465 and 587 ports only.
If I block the port in my firewall, then I can' receive any longer any e-mail from anywhere, I can send but no more inbound mails.
I have set also in the "/etc/exim4/exim4.conf.template"
"daemon_smtp_ports = 465 : 587
tls_on_connect_ports = 465"
But nope, once exim4 restarts and the port is blocked, goodbye for good inbound emails.
Is there any other setting I can do?
Thanks
How to make exim4 work only on 465 and 587 ports?
Also I can't get emails from gmail, they always come back as "TLS Negotiation failed: FAILED_PRECONDITION: starttls error (71): 92728204055368:error:10000417:SSL routines:OPENSSL_internal:SSLV3_ALERT_ILLEGAL_PARAMETER:third_party/openssl/boringssl/src/ssl/tls_record.cc:594:SSL alert number 47"
- myVesta
- Site Admin
- Posts: 932
- Joined: Fri Jun 19, 2020 9:59 am
- Has thanked: 8 times
- Been thanked: 6 times
Then it's obviously that some mail servers are built only to try delivery via port 25, and there is nothing you can do, obviously port 25 must be opened for proper SMTP functionality.
What kind of attack you get on port 25 ?
Kind regards from Chalkidiki
You lucky duck! any chance you'll visit Athens too?myVesta wrote: ↑Fri Sep 02, 2022 2:35 pmThen it's obviously that some mail servers are built only to try delivery via port 25, and there is nothing you can do, obviously port 25 must be opened for proper SMTP functionality.
What kind of attack you get on port 25 ?
Kind regards from Chalkidiki
gmail, hotmail etc only work on 465, but I can't get any mail from them either!
Bot attacks on port 25, they try to hack some accounts (those accounts do not exists but I always see "wrong password for [email protected]" or "support" and other standard names for emails)
fail2ban doesn't stop them csf firewall does with perma ip ban but still it is annoying on top of not useful!
Another thing, I have moved myvestacp from my old debian 11.4 vm to my dedicated server's debian 11.4vm with much more resources than the first vm.
I have restored users and all sites are up and running BUT no other user other than admin has any CRON jobs and NONE, including admin, has working backups!
If I do not go 1 by 1 the users and click manually to backup, then there is no backups!
I have tried to recreate the CRON jobs to each and every user but still 0 CRON jobs
Another thing, I have moved myvestacp from my old debian 11.4 vm to my dedicated server's debian 11.4vm with much more resources than the first vm.
I have restored users and all sites are up and running BUT no other user other than admin has any CRON jobs and NONE, including admin, has working backups!
If I do not go 1 by 1 the users and click manually to backup, then there is no backups!
I have tried to recreate the CRON jobs to each and every user but still 0 CRON jobs