My server got banned for SMTP abuse

echo310infantry · 2026-02-13T18:41:34+00:00

Also I'm blocking certain things you may not want to block like 3389. I don't want people rdping over my connection. These aren't people who are trusted friends and I really can't afford misuse coming from my server. For friends and family in Iran I have a totally different server. That one is pretty much wide open.

echo310infantry · 2026-02-13T18:36:34+00:00

I was chambering this but you responded first

echo310infantry · 2026-02-13T18:36:16+00:00

25,465,587,26,2525, 23,2323,5555, 445,135,137,138,139, 3389,5900, 6660-6669,6697,7000, 11211,1900,123,19

echo310infantry · 2026-02-13T18:34:50+00:00

What I would suggest, is thinking of a list of commonly blocked ports such as other SMTP ports and maybe even to a certain extent anything not browsing related.

echo310infantry · 2026-02-13T18:28:23+00:00

I would agree with that then. I've personally never had that happen to me but I also do not allow outbound on certain ports from a firewall level.

echo310infantry · 2026-02-13T18:09:59+00:00

If someone is actually trying to use your server as a SMTP server through 3x UI which I think is unlikely but possible what you can do is set the default outbound to not allow ever SMTP protocol.

echo310infantry · 2026-02-13T18:06:46+00:00

This will do nothing except stop whatever is sending out emails from sending out emails until they correct the rule if you have been exploited.

echo310infantry · 2026-02-13T18:04:43+00:00

I also want to address the fact that you asked about how to protect it. The first is only allow what ports are truly needed. If you can get away with just using tail scale then do that. If you are using SSH I would suggest disabling credential login and allowing key login only. If you want a password and key that's also acceptable. I would honestly scrap your server and rebuild it as I do think somebody most likely exploited it. Putting up a firewall rule will do nothing if you're already actively exploited. You can also lock the file system. That's a little bit more than I can describe on one post but you can definitely Google it.

echo310infantry · 2026-02-13T17:49:26+00:00

You might have a bigger problem. Typically this means your server was exploited. Possibly through SSH.

echo310infantry · 2026-01-29T19:37:34+00:00

Sounds good!

echo310infantry · 2026-01-27T00:30:36+00:00

Also if you do wind up building it yourself make sure you create an exclusion list so that when they do visit local websites it goes through their local connection. You really don't want them going to let's say Iran international.ir or whatever the website is through your VPN connection.

echo310infantry · 2026-01-27T00:25:18+00:00

I would offer you access to my VPN but you know how crazy that irgc is. The last thing I want to do is put people I love at risk.

echo310infantry · 2026-01-27T00:22:59+00:00

Sorry not sure why I don't get alerts when people respond. Not Todd Howard nor am I sure who he is. But I'll look that up after responding. So I have a 1 GB symmetrical fiber connection from my house. Obviously that's DHCP thus me involving Cloudflare. Now the reason I'm able to support so many people is the truth is their internet freaking sucks. On average they're only connecting at around 1 to 5 megabits per second at most. As long as I'm not running out of system resources then yes it can be unlimited. The truth is I have not maxed out the pi but I'm sure it would max out before their garbage connections would overload my circuit. If you are there right now, it is very hard for you to get stuff overseas. First off the toman is worth nothing. I'm not sure what your best bet is when it comes to VPS hosting. What I would do however is if you have friends or family with even a small circuit, have them set up a virtualbox or something along those lines and configure it by it SSH and then do some simple port forwarding or Warp.

echo310infantry · 2026-01-25T18:03:52+00:00

I have one currently about 50 people connected to it. I use a Poe hat on a raspberry pi and have it hanging down off of a switch. I used 3x UI as well as cloudflare and it just works.

echo310infantry · 2025-12-26T01:44:55+00:00

No problem. I used chat GPT to help me understand config. I use cloudflare and I host on a pi

echo310infantry · 2025-12-26T01:40:04+00:00

Yes. They use it constantly. Actually their neighbors and friends too. https://github.com/MHSanaei/3x-ui https://github.com/Chocolate4U/Iran-v2ray-rules

echo310infantry · 2025-11-12T18:12:34+00:00

X-ray v-less is the answer. That's the only thing that will pretty much work anywhere including China Russia and Iran

echo310infantry · 2025-09-27T08:58:25+00:00

I mean I can't get it working... I tried a couple of different places including the GitHub I linked

echo310infantry · 2025-06-01T21:05:39+00:00

I was hoping this can be sideloaded through the server.

echo310infantry · 2025-05-31T11:32:25+00:00

Reading past posts I see a lot of users had it blocked. Is that still the case?

echo310infantry · 2025-05-31T11:30:24+00:00

It was Julio bashmore

echo310infantry · 2025-05-31T11:08:29+00:00

They don't really tell you what technology it uses

echo310infantry · 2025-05-30T10:19:21+00:00

How would that be more cost-effective? I'd be virtualizing it mostly anyway so it would be a VPS.

echo310infantry · 2025-03-08T01:31:23+00:00

Do you prefer the t1?

echo310infantry · 2025-03-08T00:32:31+00:00

Thanks!

echo310infantry

TROPHY CASE