How can I use Warden to monitor outgoing mail so that my server does not get listed on any DNSBLs?

Best Practices To Secure Your Mail Server

  1. Make sure that you have Plesk outgoing limits enabled to limit any damage from a compromised email account. See here for more information.
  2. Make sure that your server has the Plesk modsecurity packages installed as a good modsecurity ruleset can block form spam. See here for more information. 
  3. Enable the X-PHP-Originating-Script header so that Warden can track PHP based mail properly. See here for more information.
  4. Warden has the ability to reject outgoing mail forwards that are flagged as spam in order to protect the servers reputation. See here for more information.
  5. Juggernaut Firewall users can restrict outgoing SMTP access to specific countries to limit SMTP auth brute force attacks (for advanced users only). See here for more information.

Tracking Who is Authenticating and Sending Mail

Admins can use the SMTP auth - User - Success or SMTP Auth - Success - User Client Addr reports to see which accounts are sending mail. If a high number of login attempts is shown, it is very likely accounts were compromised. See here for more information.

SMTP auth - reports

Tracking Outgoing Mail Using Warden

Users can go to Warden -> Statistics -> Statistics Out to see which domains and mailboxes are sending out the most mail. Users can click on the columns to sort from greatest to least.

Statistics Out

Users can go to Warden -> Reports -> choose reports Domain -> Statistics -> Out or Mailbox - Statistics - Out to see which domains and mailboxes are sending out the most mail. Users can click on the columns to sort from greatest to least.

Reports

Administrators can go to Warden -> Queue to monitor the outgoing mail queue. The recipient column will tell you the reason why a server rejected an email. You can click the magnifying glass next to the entry to view more details about a message in the queue. This is helpful in seeing which emails might be spam.

Queue

Users can go to Warden -> Logs -> Message log (choose out from the direction select list to monitor to view outgoing mail).

Message Log

  • outgoing mail, DNSBL
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How can I change the interface language of the extension?

You can change the interface language under Settings -> Application Settings -> Locale...

How can I disable admin email notifications in Amavis?

Amavis has different default options for controlling where virus, spam, banned file attachments,...

How can I whitelist or blacklist a mail server from greylisting?

To Whitelist a Mail Server From Greylisting Navigate to Warden -> Settings ->...

How can I enable third party anti-virus signatures within Warden to improve the ClamAV detection rate?

Warden supports enabling third party anti-virus signatures to improve the detection rate. These...

How can I setup a local caching DNS resolver to speed up DNS queries used by Amavis?

Run the following command to check if local DNS caching is enabled: host -tTXT...