In July, we saw our incoming Emaildrops and Filedrops traffic increase from 2k to over 20k. Mostly from spam and phishing emails with Chinese IP addresses and domains. I was just wondering what are people doing to protect their LiquidFiles servers from spam and phishing? We're self-hosting our server in Azure and using Exchange Online as a relay (with plans to migrate to a different SMTP relay soon). So far, I've considered: A block rule on the firewall to block all Chinese IP address ranges. An ActionScript that run on incoming and drop anything with ".cn" in the sender's email domain, but ActionScripts can only be run on Filedrops, I don't see any Delivery Action option for Emaildrops, so maybe a feature request? Edit Postfix to reject the TLD ".cn" like described here https://mailmum.io/posts/howto-block-entire-tlds-in-postfix/ Put a password on Filedrops. Unfortunately, there is no way to put a password on Emaildrops. Change the Emaildrop email addresses and Filedrop URLs. This would be a pain because we’d have to update all our partner agencies.
Oh, hey. I just found out about Exchange Online Connectors (https://learn.microsoft.com/en-us/e...il-flow/use-connectors-to-configure-mail-flow). Does anyone have this setup with LiquidFiles? Will it even work? If I'm understanding this correctly, the Emaildrop email would go to Exchange Online first, then Exchange would relay it to LF. The main benefit being that it'd also go through Exchange Online Protection and Microsoft Defender's spam and phishing filters.
According to the FileDrops you can enable also the sender's email address validation with the "Admin > Configuration > FileDrops > edit > Require User Validation" checkbox. This will eliminate several upload attempts to FileDrops. In regards to EmailDrops I would not recommend to edit the postfix configurations because there is probable that during some future updates the customized config files can be rewritten back to default. The Exchange or other mail gate could be good to filter and drop these unwanted emails prior these will be sent to the LF server. At first you will need to make a MX record for LF.domain.com in your domain registar and point it to your Exchange service. Emails will be then resolved and send to the Exchange first and connectors will relay the valid emails further to the LF server and drop the invalid ones. A limitation could the smaller permitted size of attachments per an email if these are relayed via the connectors. Emails sent directly to a LF's EmailDrop allows attachments up to 100MB.
