Exim, how to disable SMTP (not POP3, not forwardings)

Hi:
I’m having some issues because I’m being included in Spamhaus DBF list once at again.

DOMAIN RECORDS

  • I have my SPF in strict mode with allows just my IP to send emails.
  • I have DKIM registries OK.
  • I have a 10/10 in mail-tester.com

WEB PROJECT

  • My HestiaCP is a fresh installation
  • The web project is coded by our own. No Wordpress or other possible points of security holes.
  • Our project does NOT send any email at all. I have even the sendmail binary disabled from PHP. All emails are sent by Sendgrid (and they are JUST emails of “registration” or “password recovery”). We send about 5 emails per day with this service. So all the emails coming out from my domain are these ones.

EXIM DATA

  • Queue is always in 0, there’s no signs of “massive sending” and filled queue as in spam scenarios.
  • The only thing I have is tons of: dovecot_login authenticator failed for [45.142.120.82]: 535 Incorrect authentication data (set_id=XXXXXXXXX) (in XXXXXX a lot of tries)

So, in this scenario, I’m getting crazy … and I would like to go further and DISABLE SMTP at all.

But I need to leave working the POP3 (because I want just to receive emails to an account), and the forwarding service (so emails incoming to one account, are forwarded outside, to a gmail account)

How can I achieve this ?

Thank you

And here is probaly the reason, why you land on the list. Forwarding mails isnt a good idea - if you forward a mail, your server will send as [email protected], but senderdomain.tld doesnt belong to you. So I suggest do disable the mail forwarding to your google account and use their pop service instead: Check emails from other accounts - Computer - Gmail Help

After that, ask Spamhaus to remove your list and check if you get listed again after a while.

2 Likes

It’s not Gmail, sorry, It’s FreshDesk …
I have a redirection from [email protected] to a freshdesk support email address.
This is normal operation , isnt it ?

I have done this in other domains with no problems at all:

Freshdesk shouldnt be a issue. Did you got any additional informations about why you got blacklisted? Personaly I think disable smtp isnt the right way to go, you should find out why your IP gets blacklisted, it could point to a bigger issue.

I wish I had … Spamhaus does not provide ANY information at all … Just a link to request a removal.

Set up DMARC and you’ll get the answers you need. Don’t know how we ever lived without it.

1 Like

SPF, DKIM, DMARC … everything is already setup

Just two thoughts on this…

Is the server/IP new for you? Are there any chances the previous owner of the server/IP was using it to send spam and that is the reason the IP is blacklisted?

Is your domain name setup on a different server? Maybe on an older server left unattended? And that server has/is being used to send spam, so your domain gets blacklisted?

1 Like

Good questions …

  1. Maybe … it’s a cloud server, so that IP was used before for sure … but the Spamhaus blocked the DOMAIN NAME, not the IP
  2. No, it’s first time of this project in a server