• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Secure email reception from MX

E

Erwan

Regular Pleskian
Hi all,

On a server (Plesk Obsidian 18) we have domain mail (Postfix / Dovecot). The MX domain names are hosted on another server (anti-spam system) which sends the flow of messages to our server.
Except that some spam still arrives on our server because the messages are sent directly to the IP of this server (old MX).

How is it possible with Plesk or iptables instruction to only allow the reception of message from the flows coming from the ip of the MX?

Thank you.
 
You cannot use iptables for this, because then you will also block outgoing mail operations. You can of course block all incoming packets from different servers on port 25 except packets coming from your one anti-spam-solution, but when a mail goes out, the server needs to be able to talk with the recipient server, which won't work properly if you block port 25 for incoming packets. There might be a solution where you leave a port open for a certain amount of time when your server initiates the first packet to a destination, but it's still a very questionable setup.

I think the only way to achieve what you want is to manually edit the Postfix configuration. Here might be a good place to start on your case (last post in the thread by Viktor Dukhovni:

Postfix Users - Blocking mail from all but one domain

Blocking mail from all but one domain. Hi, I have a postfix-3.1.4 installation and have been given a request to block all incoming mail from all but a single specific domain and block all outgoing...
postfix.1071664.n5.nabble.com
The problem with an edit is that Plesk might overwrite changes of the Postfix configuration when you do parameter changes in Plesk.
This here could also help:

Postfix Per-Client/User/etc. Access Control

www.postfix.org
 
You must log in or register to reply here.

Similar threads

B
Question Problem reception email from plesk to gsuite
Replies
4
Views
406
Kaspar
K
E
Question Is multiple HELO registration possible?
Replies
2
Views
615
emrekoc
E
ilogus
Resolved Incoming email DKIM issue
Replies
4
Views
564
ilogus
ilogus
Ekushey
Issue Incoming email issue from Twitter and Instagram
Replies
1
Views
303
Sebahat.hadzhi
Sebahat.hadzhi
mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
688
mapodec
mapodec
Back
Top