Mail queue and host limiting

OS type and version AlmaLinux 9.4
Webmin version 2.111
Usermin version 2.010
Virtualmin version 7.10.0
Theme version 21.10
Package updates All installed packages are up to date

I’m on a Contabo VPS and i keep getting rate limit emails that too much smtp traffic is going thru.
There are only a few accounts that use email no newsletters action.

The postfix queue is filling up with thousands of messages like in attached screenshot every few days.
Ive added some spam assassin filters to junk some email but thats really cosmetic as it doesnt deal with the issue.
I’ve checked postfix docs and discussion about back scatter but not really understanding what to implement or where the problem is actually coming from. Ive eliminated contact form spam and there are two accounts on the VPS which are sufferring the most. One is an older php app that does need updating - am on that - another is purely static. Alot of the emails are undelivered from self to self or issues with sending to google accounts or pharma spam pretending to be some kind of bounce back.

I’d really like some clear tips on helping to identify the problem and what I can do to mitigate the situation before i get a bad IP reputation.

Are you sure they haven’t block port 25 on outbound traffic.
Although I see a PTR error there, have you setup a rDNS with Contabo.
Who is sending all these emails? A user need authentication to send so the mail log should show you.
Spamassassin only effects inbound mail.

What software is installed, like wordpress?

If you click into postfix queue there should be a button to clear it.

That looks like you’re sending a bunch of spam, I think? So, you either have a user that’s sending spam or an application that has been exploited and someone on the internet is sending a bunch of spam through that exploited application.

So, you need to stop sending spam. Rate-limiting spam is not a solution to spam. You’ll end up blocked by every mail server on the Internet, even if you slow it down.

They’re getting rejection notices because their IP is on a blacklist (look at the screenshot, it’s small and hard to read, and I wish folks would copy/paste plaint text from logs and such, but when I zoom in I can see that there are a bunch of rejections based on being on spam blacklists). That tells us the have port 25, but nobody wants to talk to them because of spam from the IP address.

yeah I did say Although I see a PTR error there, have you setup a rDNS with Contabo.
But I should of looked at the log closer.

Thanks for replies.
Ive managed to deal with 99% of spam with some postfix tweaks and the mail queue is now squeaky clean.
Thanks for your support

If you could list the tweaks to postfix that you have employed, it might help others who have a similar problem and read this thread.

1 Like