1 (edited by fisher006 2016-10-12 15:07:41)

Topic: Blacklist strange behavior

======== Required information ====
- iRedMail version (check /etc/iredmail-release):  0.9.5-1
- Linux/BSD distribution name and version:  centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? NO
- Related log if you're reporting an issue:



I added a blacklist for two addresses, and the address `a@domain.com` is added to table `mailaddr`, the same as `b@domain.com`.
`id  / priority / address`
`540 / 10        / a@domain.com`
`496 / 10        / b@domain.com`

in table `wblist`
`idDomeny / idUsera / w/b`
`185 / 540 / B`
`185 / 496 / B`


but when I send a message from a@domain.com, the message is rejected;
when I send from b@domain.com, the message is not rejected but marked as spam

logs from incorrect behavior:

2016-10-12 08:42:14 DEBUG smtp session: sender=b@domain.com
2016-10-12 08:42:14 DEBUG smtp session: sasl_username=b@domain.com
         WHERE kind='outbound' AND account IN ('185.23.21.92', '@ip', '@.', 'b@domain.com', '@domain.com', '@.domain.com', '@pl', '@.pl', '185.23.21.*', '185.23.*.92')
2016-10-12 08:42:15 INFO [0.4919s] [185.23.21.92] END-OF-MESSAGE, b@domain.com => recipient@domain.pl, DUNNO
Oct 12 08:42:14 mail1 postfix/smtpd[6853]: BCAD270903: client=ip-[185., sasl_method=PLAIN, sasl_username=b@domain.com
Oct 12 08:42:15 mail1 postfix/cleanup[6897]: BCAD270903: messaged=<7bbe51ae349ade1dedddb778b4777e07@reczkowski.pl>
Oct 12 08:42:15 mail1 postfix/qmgr[28153]: BCAD270903: from=<SRS0=prJZ=V6=domain.com=b@mail1.pl>, size=633, nrcpt=1 (queue active)
Oct 12 08:42:15 mail1 amavis[5192]: (05192-10-2) Passed SPAM {RelayedTaggedInbound}, [185….]:16713 [185….] <SRS0=prJZ=V6=domain.com=b@mail1.pl> -> <whois@portaldomenowy.pl>, Queue-ID: BCAD270903, Message-ID: <7bbe51ae349ade1dedddb778b4777e07@ski.pl>, mail_id: krn_I8sil-7A, Hits: -, size: 1135, queued_as: BDF9B70929, dkim_sd=x:ski.pl, 120 ms
Oct 12 08:42:15 mail1 postfix/smtp[6968]: BCAD270903: to=<whois@portaldomenowy.pl>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=2, delay=1, delays=0.92/0/0/0.12, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as BDF9B70929)
Oct 12 08:42:15 mail1 postfix/qmgr[28153]: BCAD270903: removed



correct ban

2016-10-12 08:49:34 DEBUG smtp session: sender=a@domain.com
2016-10-12 08:49:34 DEBUG Possible policy senders: ['@.', 'b@domain.com', '@domain.com', '@.domain.com', '@com', '@.com', 'b@*', '188.116.37.171', '188.116.37.*', '188.116.*.171']
              WHERE email IN ('@.', 'b@domain.com', '@domain.com', '@.domain.com', '@com', '@.com', 'b@*', '188.116.37.171', '188.116.37.*', '188.116.*.171')
2016-10-12 08:49:34 DEBUG Addresses (in `mailaddr`): [(540L, 'b@domain.com'), (166L, '@.')]
2016-10-12 08:49:34 INFO [0.0908s] [188.116.37.171] RCPT, b@domain.com -> whois@portaldomenowy.pl, DISCARD Blacklisted


2

Re: Blacklist strange behavior

It's hard for me to help troubleshoot with the sql records inserted manually. Please use our tool to manage white/blacklists instead, it's easier and clearer:
http://www.iredmail.org/docs/manage.ire … acklisting

3

Re: Blacklist strange behavior

This is added by script wb_admin

4

Re: Blacklist strange behavior

OK, according to the log, it seems one blacklist was not correctly generated.
*) Could you please show me how you added those 2 blacklists?
*) Also, show me output of commands below please:

cd /opt/
ls -l
cd /opt/iredapd/tools/
python wblist_admin.py --list

If you added blacklists as per-user wblist, please show output of below command also (replace "<email_of_your_user>" by the real email address):

python wblist_admin.py --list --account "<email_of_your_user>"

5

Re: Blacklist strange behavior

The first message is sent from this same server (local delivery).

The next message is sent from Gmail.

Maybe local delivery is not checked by wblist?

6

Re: Blacklist strange behavior

Please show me the output of the command "postconf smtpd_recipient_restrictions". It seems you have an incorrect order of restriction rules.

7

Re: Blacklist strange behavior

smtpd_recipient_restrictions = permit_mynetworks,
                               reject_unknown_sender_domain,
                               reject_unknown_recipient_domain,
                               reject_non_fqdn_sender,
                               reject_non_fqdn_recipient,
                               reject_unlisted_recipient,
                               check_policy_service inet:127.0.0.1:7777,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               check_client_access hash:/etc/postfix/rbl_override,
                               reject_rbl_client zen.spamhaus.org,
                               reject_rbl_client bl.spamcop.net,
                               reject_rbl_client cbl.abuseat.org,
                               reject_rbl_client zen.spamhaus.org

8

Re: Blacklist strange behavior

fisher006 wrote:

smtpd_recipient_restrictions = permit_mynetworks,
                               ...
                               check_policy_service inet:127.0.0.1:7777,
                               ...

With the default iRedMail setting, "permit_mynetworks" is placed immediately after "check_policy_service inet:127.0.0.1:7777", so that all emails will go through iRedAPD. But with your setting, emails sent from machines listed in the Postfix "mynetworks =" parameter will not go through iRedAPD at all.

Note: Postfix applies the restrictions in order.
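
The ordering problem diagnosed in this thread can be checked mechanically. The following is an added example, not code from iRedMail or from any poster: it parses `postconf smtpd_recipient_restrictions` output and reports every `permit_*` rule that Postfix evaluates before the iRedAPD policy service. The function names and the `REORDERED` sample are assumptions made for illustration.

```python
import re

POLICY = "inet:127.0.0.1:7777"  # iRedAPD listener as written in the thread

# `postconf smtpd_recipient_restrictions` output as posted above (shortened).
POSTED = """smtpd_recipient_restrictions = permit_mynetworks,
    reject_unknown_sender_domain,
    reject_unlisted_recipient,
    check_policy_service inet:127.0.0.1:7777,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_rbl_client zen.spamhaus.org
"""

# Constructed for comparison: permit_mynetworks placed right after the policy service.
REORDERED = """smtpd_recipient_restrictions = reject_unknown_sender_domain,
    reject_unlisted_recipient,
    check_policy_service inet:127.0.0.1:7777,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
"""


def tokens(postconf_output):
    """Return the restriction list as tokens, in the order Postfix evaluates them."""
    _name, sep, value = postconf_output.partition("=")
    if not sep:  # `postconf -h` prints the value without "name ="
        value = postconf_output
    return [t for t in re.split(r"[,\s]+", value) if t]


def permits_before_policy(postconf_output, policy=POLICY):
    """List permit_* rules that end evaluation before the policy service is asked.

    Only permit_* names are reported; a check_*_access table that returns OK
    has the same effect but cannot be judged from the rule name alone.
    """
    toks = tokens(postconf_output)
    for i in range(len(toks) - 1):
        if toks[i] == "check_policy_service" and toks[i + 1] == policy:
            return [t for t in toks[:i] if t.startswith("permit")]
    raise LookupError("check_policy_service %s is not in the list" % policy)


if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("reordered", REORDERED)):
        early = permits_before_policy(text)
        print(label, "->", "bypass via " + ", ".join(early) if early else "no permit rule ahead of the policy service")
```

For the configuration posted in the thread this reports `permit_mynetworks`, which matches the explanation above: clients in `mynetworks` are accepted before iRedAPD can apply the blacklist.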