I am getting blacklisted

MailCleaner Support
Added 10 months ago

You have been blacklisted and you want to know why.


zgrep -i relay /var/mailcleaner/log/exim_stage1/mainlog.*.gz | grep 'sender ' | sed 's/.*sender //' | sed 's/ on port 25//' |sort -n |uniq -c |sort -n

will give you the person who relayed the most through your MailCleaner server (you can adapt this about the log files taken into consideration)
for the current day use /var/mailcleaner/log/exim_stage1/mainlog
for yesterday use /var/mailcleaner/log/exim_stage1/mainlog.1
and for previous day increase the number right before .gz starting with /var/mailcleaner/log/exim_stage1/mainlog.2.gz

The previous command will parse from 2 days before current date to 9 days before current date.

Make sure the behaviour you see is wanted. If it is not, please change the password for the concerned user : his account was probably compromised and is used to relay spams.
Before changing the password you can add his address to :

Configuration -> SMTP -> Connection Control->Reject these authenticated users


Configuration -> SMTP -> Connection Control->Reject these senders addresses :

and re enable the sender once the password is changed.

If the source wasnt here, please check how you configured :

Configuration->SMTP->Connection control -> Allow external relaying for these hosts and Allow relaying from unknown domains

Also verify if all domains using:

Configuration->Domains-> -> Outgoing relay -> Allow users to use SMTP authentication

all require to be relayed via MailCleaner. Usually a domain will be relayed by its own mail server (the one usually used as destination server for the domain).