1 (edited by Rafa 2012-01-03 20:23:35)

Topic: [SOLVED] Strict Blacklisting and whitelisting

Hi, a customer bought today the Pro version in order to set an internal mail server with some restrictions. The final configuration should enable mail for several accounts but only permit sending and receiving to/from specific mail addressess.

First of all, I've realized that the regular installation with migration from Open Source edition did not create the service iredapd-rr, but I created following http://iredmail.org/wiki/index.php?titl … D/OpenLDAP , enabling info logs.

I'm strictly refusing all mails in blacklist but they still are received, and marked as ***SPAM***. I would like them to be deleted.
I'm also restricting outgoing mail, whitelisting only one address and refusing everything else with @.
None of the two rules are working for me. I receive mails from blacklisted addresses (from any address, in fact) and I can send emails to any address without restriction.
Iredapd logs show DUNNO entries for received and sent mails:

iredapd-rr.log:

2012-01-03 13:19:34 DEBUG LDAP connection initialied success.
2012-01-03 13:19:34 DEBUG LDAP bind success.
2012-01-03 13:19:34 DEBUG Error: No option 'bypass_mynetworks' in section: 'general'. Use default action instead: DUNNO

iredapd.log:

2012-01-03 13:19:34 DEBUG Apply plugin (ldap_maillist_access_policy).
2012-01-03 13:19:34 DEBUG Response from plugin (ldap_maillist_access_policy): DUNNO Not a mail list account.
2012-01-03 13:19:34 DEBUG Final action: None.

¿Any idea? I can provide logs if you need.
Thanks in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: [SOLVED] Strict Blacklisting and whitelisting

Please fix this issue first:

2012-01-03 13:19:34 DEBUG Error: No option 'bypass_mynetworks' in section: 'general'. Use default action instead: DUNNO

It complains there's no 'bypass_mynetwors' in config file /opt/iredapd/etc/iredapd-rr.ini. Please make sure you have below content in /opt/iredapd/etc/iredapd-rr.ini, under section "[general]":

# Bypass clients listed in postfix 'mynetworks': yes, no.
bypass_mynetworks = no

Then, make sure you have plugin "block_amavisd_blacklisted_senders" enabled in /opt/iredapd/etc/iredapd.ini, under section "[ldap]":

[ldap]
...
plugins = block_amavisd_blacklisted_senders, ldap_maillist_access_policy

Restarting iredapd and iredapd-rr is required.

3 (edited by Rafa 2012-01-04 17:46:37)

Re: [SOLVED] Strict Blacklisting and whitelisting

I just did those two modifications after posting here, but it still doesn't work as expected.

iredapd-rr.log

2012-01-04 07:43:33 DEBUG smtp session: encryption_keysize=0
2012-01-04 07:43:33 DEBUG LDAP connection initialied success.
2012-01-04 07:43:33 DEBUG LDAP bind success.
2012-01-04 07:43:33 DEBUG __get_sender_dn_ldif (sender): someone@gmail.com
2012-01-04 07:43:33 DEBUG __get_sender_dn_ldif: Quering LDAP
2012-01-04 07:43:33 DEBUG __get_sender_dn_ldif (result): []
2012-01-04 07:43:33 DEBUG Sender DN or LDIF is none.
2012-01-04 07:43:33 DEBUG Final action: DUNNO.
2012-01-04 07:43:33 INFO someone@gmail.com -> someoen1@gmail.com, DUNNO

(Sorry, I miss the button and "reported" your answer! :S)

4

Re: [SOLVED] Strict Blacklisting and whitelisting

Sorry, could you please explain with some more detail:

- You sent testing email from which one to another one?
- Please paste full debug log in both /var/log/iredapd.log and /var/log/iredapd-rr.log.
- Paste whole content of both iRedAPD config files: /opt/iredapd/etc/iredapd.ini and iredapd-rr.ini. NOTE: please remove LDAP/MYSQL address, username, password before posting.

5 (edited by Rafa 2012-01-05 02:04:04)

Re: [SOLVED] Strict Blacklisting and whitelisting

No problem. I've just setted up a new acount, "pruebas", to make one more test. This account is configured so it cannot receive nor send email from/to any address:

Bypass mails from below senders: <none>
Reject mails from below senders: @.
Bypass mails sent to below recipients: <none>
Reject mails sent to below recipients: @.

It shouldn't send or receive mails, but
- Outgoing mail works with any restriction
- Incoming mail arrives marked as ***SPAM*** (I would like it to be deleted)

I've made a test, sending email from account pruebas@MYIREDMAILSERVER.com to rafa@MYEXTERNALSERVER.es, being MYIREDMAILSERVER.com the iRedMail server, and replying from external system MYEXTERNALSERVER.es hosted in google Apps. The mail was sent successfully and the reply arrived marked as SPAM.
Those are the config files and logs:

iredapd.ini

[general]
listen_addr = 127.0.0.1
listen_port = 7777
run_as_user = iredapd
run_as_daemon = yes
pid_file        = /var/run/iredapd.pid
log_type        = file
log_file        = /var/log/iredapd.log
log_level       = debug
backend = ldap

[ldap]
uri = ldap://127.0.0.1:389
binddn = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
bindpw = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
basedn = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
plugins = block_amavisd_blacklisted_senders,ldap_maillist_access_policy

[mysql]
# For MySQL backend only.
server      = 127.0.0.1
db          = vmail
user        = vmail
password    = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
plugins = ldap_maillist_access_policy

iredapd-rr.ini

[general]
listen_addr = 127.0.0.1
listen_port = 7778
bypass_mynetworks = no
run_as_user = iredapd
run_as_daemon = yes
pid_file        = /var/run/iredapd-rr.pid
log_type        = file
log_file        = /var/log/iredapd-rr.log
log_level       = debug
backend = ldap

[ldap]
uri = ldap://127.0.0.1:389
binddn = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
bindpw = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
basedn = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
plugins = block_amavisd_blacklisted_senders,ldap_maillist_access_policy

[mysql]
server      = 127.0.0.1
db          = vmail
user        = vmail
password    = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
plugins = ldap_recipient_restrictions

iredapd.log

2012-01-04 15:10:05 DEBUG Connect from 127.0.0.1
2012-01-04 15:10:05 DEBUG smtp session: request=smtpd_access_policy
2012-01-04 15:10:05 DEBUG smtp session: protocol_state=RCPT
2012-01-04 15:10:05 DEBUG smtp session: protocol_name=ESMTP
2012-01-04 15:10:05 DEBUG smtp session: client_address=127.0.0.1
2012-01-04 15:10:05 DEBUG smtp session: client_name=xxxxxxxxxxxxxxxxxxxxxxxxxx
2012-01-04 15:10:05 DEBUG smtp session: reverse_client_name=xxxxxxxxxxxxxxxxxxxxxxx
2012-01-04 15:10:05 DEBUG smtp session: helo_name=MYIREDMAILSERVER.com
2012-01-04 15:10:05 DEBUG smtp session: sender=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:05 DEBUG smtp session: recipient=rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:05 DEBUG smtp session: recipient_count=0
2012-01-04 15:10:05 DEBUG smtp session: queue_id=
2012-01-04 15:10:05 DEBUG smtp session: instance=8dd.4f045dbc.f26e5.0
2012-01-04 15:10:05 DEBUG smtp session: size=0
2012-01-04 15:10:05 DEBUG smtp session: etrn_domain=
2012-01-04 15:10:05 DEBUG smtp session: stress=
2012-01-04 15:10:05 DEBUG smtp session: sasl_method=LOGIN
2012-01-04 15:10:05 DEBUG smtp session: sasl_username=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:05 DEBUG smtp session: sasl_sender=
2012-01-04 15:10:05 DEBUG smtp session: ccert_subject=
2012-01-04 15:10:05 DEBUG smtp session: ccert_issuer=
2012-01-04 15:10:05 DEBUG smtp session: ccert_fingerprint=
2012-01-04 15:10:05 DEBUG smtp session: encryption_protocol=
2012-01-04 15:10:05 DEBUG smtp session: encryption_cipher=
2012-01-04 15:10:05 DEBUG smtp session: encryption_keysize=0
2012-01-04 15:10:05 DEBUG LDAP connection initialied success.
2012-01-04 15:10:05 DEBUG LDAP bind success.
2012-01-04 15:10:05 DEBUG __get_recipient_dn_ldif (recipient): rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:05 DEBUG __get_recipient_dn_ldif (ldap query filter): (&(|(mail=rafa@MYEXTERNALSERVER.es)(shadowAddress=rafa@MYEXTERNALSERVER.es))(|(objectClass=mailUser)(objectClass=mailList)(objectClass=mailAlias)))
2012-01-04 15:10:05 DEBUG __get_recipient_dn_ldif: Can not find recipient in LDAP server.
2012-01-04 15:10:05 DEBUG Recipient DN or LDIF is None.
2012-01-04 15:10:05 DEBUG Final action: DUNNO.
2012-01-04 15:10:05 INFO pruebas@MYIREDMAILSERVER.com -> rafa@MYEXTERNALSERVER.es, DUNNO
2012-01-04 15:10:05 DEBUG Connection closed
2012-01-04 15:10:17 DEBUG Connect from 127.0.0.1
2012-01-04 15:10:17 DEBUG smtp session: request=smtpd_access_policy
2012-01-04 15:10:17 DEBUG smtp session: protocol_state=RCPT
2012-01-04 15:10:17 DEBUG smtp session: protocol_name=ESMTP
2012-01-04 15:10:17 DEBUG smtp session: client_address=209.85.210.182
2012-01-04 15:10:17 DEBUG smtp session: client_name=unknown
2012-01-04 15:10:17 DEBUG smtp session: reverse_client_name=unknown
2012-01-04 15:10:17 DEBUG smtp session: helo_name=mail-iy0-f182.google.com
2012-01-04 15:10:17 DEBUG smtp session: sender=rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:17 DEBUG smtp session: recipient=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:17 DEBUG smtp session: recipient_count=0
2012-01-04 15:10:17 DEBUG smtp session: queue_id=
2012-01-04 15:10:17 DEBUG smtp session: instance=8dd.4f045dc9.700eb.0
2012-01-04 15:10:17 DEBUG smtp session: size=0
2012-01-04 15:10:17 DEBUG smtp session: etrn_domain=
2012-01-04 15:10:17 DEBUG smtp session: stress=
2012-01-04 15:10:17 DEBUG smtp session: sasl_method=
2012-01-04 15:10:17 DEBUG smtp session: sasl_username=
2012-01-04 15:10:17 DEBUG smtp session: sasl_sender=
2012-01-04 15:10:17 DEBUG smtp session: ccert_subject=
2012-01-04 15:10:17 DEBUG smtp session: ccert_issuer=
2012-01-04 15:10:17 DEBUG smtp session: ccert_fingerprint=
2012-01-04 15:10:17 DEBUG smtp session: encryption_protocol=TLSv1
2012-01-04 15:10:17 DEBUG smtp session: encryption_cipher=RC4-SHA
2012-01-04 15:10:17 DEBUG smtp session: encryption_keysize=128
2012-01-04 15:10:17 DEBUG LDAP connection initialied success.
2012-01-04 15:10:17 DEBUG LDAP bind success.
2012-01-04 15:10:17 DEBUG __get_recipient_dn_ldif (recipient): pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:17 DEBUG __get_recipient_dn_ldif (ldap query filter): (&(|(mail=pruebas@MYIREDMAILSERVER.com)(shadowAddress=pruebas@MYIREDMAILSERVER.com))(|(objectClass=mailUser)(objectClass=mailList)(objectClass=mailAlias)))
2012-01-04 15:10:17 DEBUG __get_recipient_dn_ldif (ldap query result): [('mail=pruebas@MYIREDMAILSERVER.com,ou=Users,domainName=MYIREDMAILSERVER.com,o=domains,dc=mail-gw,dc=net4things,dc=com', {'uid': ['pruebas'], 'mailQuota': ['0'], 'objectClass': ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount'], 'userPassword': ['xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], 'homeDirectory': ['/var/vmail/vmail1/MYIREDMAILSERVER.com/p/r/u/pruebas-2012.01.04.15.03.52/'], 'accountStatus': ['active'], 'mailBlacklistRecipient': ['@.'], 'amavisBlacklistSender': ['@.'], 'amavisLocal': ['TRUE'], 'sn': ['pruebas'], 'storageBaseDirectory': ['/var/vmail'], 'mail': ['pruebas@MYIREDMAILSERVER.com'], 'shadowLastChange': ['0'], 'mailMessageStore': ['vmail1/MYIREDMAILSERVER.com/p/r/u/pruebas-2012.01.04.15.03.52/'], 'enabledService': ['mail', 'deliver', 'lda', 'smtp', 'smtpsecured', 'pop3', 'pop3secured', 'imap', 'imapsecured', 'managesieve', 'managesievesecured', 'sieve', 'sievesecured', 'forward', 'senderbcc', 'recipientbcc', 'internal', 'shadowaddress', 'displayedInGlobalAddressBook'], 'cn': ['pruebas']})]
2012-01-04 15:10:17 DEBUG Apply plugin (block_amavisd_blacklisted_senders).
2012-01-04 15:10:17 DEBUG (block_amavisd_blacklisted_senders.pyc) Sender: rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:17 DEBUG (block_amavisd_blacklisted_senders.pyc) Blacklisted senders: @.
2012-01-04 15:10:17 DEBUG (block_amavisd_blacklisted_senders.pyc) Whitelisted senders: 
2012-01-04 15:10:17 DEBUG Response from plugin (block_amavisd_blacklisted_senders): DUNNO No white-/blacklist records found.
2012-01-04 15:10:17 DEBUG Apply plugin (ldap_maillist_access_policy).
2012-01-04 15:10:17 DEBUG Response from plugin (ldap_maillist_access_policy): DUNNO Not a mail list account.
2012-01-04 15:10:17 DEBUG Final action: None.
2012-01-04 15:10:17 INFO rafa@MYEXTERNALSERVER.es -> pruebas@MYIREDMAILSERVER.com, DUNNO
2012-01-04 15:10:17 DEBUG Connection closed

iredapd-rr.log

2012-01-04 15:10:04 DEBUG Connect from 127.0.0.1
2012-01-04 15:10:04 DEBUG smtp session: request=smtpd_access_policy
2012-01-04 15:10:04 DEBUG smtp session: protocol_state=RCPT
2012-01-04 15:10:04 DEBUG smtp session: protocol_name=ESMTP
2012-01-04 15:10:04 DEBUG smtp session: client_address=127.0.0.1
2012-01-04 15:10:04 DEBUG smtp session: client_name=mail-gw.net4things.com
2012-01-04 15:10:04 DEBUG smtp session: reverse_client_name=mail-gw.net4things.com
2012-01-04 15:10:04 DEBUG smtp session: helo_name=MYIREDMAILSERVER.com
2012-01-04 15:10:04 DEBUG smtp session: sender=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:04 DEBUG smtp session: recipient=rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:04 DEBUG smtp session: recipient_count=0
2012-01-04 15:10:04 DEBUG smtp session: queue_id=
2012-01-04 15:10:04 DEBUG smtp session: instance=8dd.4f045dbc.f26e5.0
2012-01-04 15:10:04 DEBUG smtp session: size=0
2012-01-04 15:10:04 DEBUG smtp session: etrn_domain=
2012-01-04 15:10:04 DEBUG smtp session: stress=
2012-01-04 15:10:05 DEBUG smtp session: sasl_method=LOGIN
2012-01-04 15:10:05 DEBUG smtp session: sasl_username=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:05 DEBUG smtp session: sasl_sender=
2012-01-04 15:10:05 DEBUG smtp session: ccert_subject=
2012-01-04 15:10:05 DEBUG smtp session: ccert_issuer=
2012-01-04 15:10:05 DEBUG smtp session: ccert_fingerprint=
2012-01-04 15:10:05 DEBUG smtp session: encryption_protocol=
2012-01-04 15:10:05 DEBUG smtp session: encryption_cipher=
2012-01-04 15:10:05 DEBUG smtp session: encryption_keysize=0
2012-01-04 15:10:05 DEBUG LDAP connection initialied success.
2012-01-04 15:10:05 DEBUG LDAP bind success.
2012-01-04 15:10:05 DEBUG __get_sender_dn_ldif (sender): pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:05 DEBUG __get_sender_dn_ldif: Quering LDAP
2012-01-04 15:10:05 DEBUG __get_sender_dn_ldif (result): [('mail=pruebas@MYIREDMAILSERVER.com,ou=Users,domainName=MYIREDMAILSERVER.com,o=domains,dc=mail-gw,dc=net4things,dc=com', {'uid': ['pruebas'], 'mailQuota': ['0'], 'objectClass': ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount'], 'userPassword': ['xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'], 'homeDirectory': ['/var/vmail/vmail1/MYIREDMAILSERVER.com/p/r/u/pruebas-2012.01.04.15.03.52/'], 'accountStatus': ['active'], 'mailBlacklistRecipient': ['@.'], 'amavisBlacklistSender': ['@.'], 'amavisLocal': ['TRUE'], 'sn': ['pruebas'], 'storageBaseDirectory': ['/var/vmail'], 'mail': ['pruebas@MYIREDMAILSERVER.com'], 'shadowLastChange': ['0'], 'mailMessageStore': ['vmail1/MYIREDMAILSERVER.com/p/r/u/pruebas-2012.01.04.15.03.52/'], 'enabledService': ['mail', 'deliver', 'lda', 'smtp', 'smtpsecured', 'pop3', 'pop3secured', 'imap', 'imapsecured', 'managesieve', 'managesievesecured', 'sieve', 'sievesecured', 'forward', 'senderbcc', 'recipientbcc', 'internal', 'shadowaddress', 'displayedInGlobalAddressBook'], 'cn': ['pruebas']})]
2012-01-04 15:10:05 INFO Error: plugin /opt/iredapd/src/plugins-rr/block_amavisd_blacklisted_senders.py not exist.
2012-01-04 15:10:05 INFO Error: plugin /opt/iredapd/src/plugins-rr/ldap_maillist_access_policy.py not exist.
2012-01-04 15:10:05 DEBUG Final action: None.
2012-01-04 15:10:05 INFO pruebas@MYIREDMAILSERVER.com -> rafa@MYEXTERNALSERVER.es, DUNNO
2012-01-04 15:10:05 DEBUG Connection closed
2012-01-04 15:10:17 DEBUG Connect from 127.0.0.1
2012-01-04 15:10:17 DEBUG smtp session: request=smtpd_access_policy
2012-01-04 15:10:17 DEBUG smtp session: protocol_state=RCPT
2012-01-04 15:10:17 DEBUG smtp session: protocol_name=ESMTP
2012-01-04 15:10:17 DEBUG smtp session: client_address=209.85.210.182
2012-01-04 15:10:17 DEBUG smtp session: client_name=unknown
2012-01-04 15:10:17 DEBUG smtp session: reverse_client_name=unknown
2012-01-04 15:10:17 DEBUG smtp session: helo_name=mail-iy0-f182.google.com
2012-01-04 15:10:17 DEBUG smtp session: sender=rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:17 DEBUG smtp session: recipient=pruebas@MYIREDMAILSERVER.com
2012-01-04 15:10:17 DEBUG smtp session: recipient_count=0
2012-01-04 15:10:17 DEBUG smtp session: queue_id=
2012-01-04 15:10:17 DEBUG smtp session: instance=8dd.4f045dc9.700eb.0
2012-01-04 15:10:17 DEBUG smtp session: size=0
2012-01-04 15:10:17 DEBUG smtp session: etrn_domain=
2012-01-04 15:10:17 DEBUG smtp session: stress=
2012-01-04 15:10:17 DEBUG smtp session: sasl_method=
2012-01-04 15:10:17 DEBUG smtp session: sasl_username=
2012-01-04 15:10:17 DEBUG smtp session: sasl_sender=
2012-01-04 15:10:17 DEBUG smtp session: ccert_subject=
2012-01-04 15:10:17 DEBUG smtp session: ccert_issuer=
2012-01-04 15:10:17 DEBUG smtp session: ccert_fingerprint=
2012-01-04 15:10:17 DEBUG smtp session: encryption_protocol=TLSv1
2012-01-04 15:10:17 DEBUG smtp session: encryption_cipher=RC4-SHA
2012-01-04 15:10:17 DEBUG smtp session: encryption_keysize=128
2012-01-04 15:10:17 DEBUG LDAP connection initialied success.
2012-01-04 15:10:17 DEBUG LDAP bind success.
2012-01-04 15:10:17 DEBUG __get_sender_dn_ldif (sender): rafa@MYEXTERNALSERVER.es
2012-01-04 15:10:17 DEBUG __get_sender_dn_ldif: Quering LDAP
2012-01-04 15:10:17 DEBUG __get_sender_dn_ldif (result): []
2012-01-04 15:10:17 DEBUG Sender DN or LDIF is none.
2012-01-04 15:10:17 DEBUG Final action: DUNNO.
2012-01-04 15:10:17 INFO rafa@MYEXTERNALSERVER.es -> pruebas@MYIREDMAILSERVER.com, DUNNO
2012-01-04 15:10:17 DEBUG Connection closed

Maybe the problem is related with

2012-01-04 15:10:05 DEBUG __get_recipient_dn_ldif: Can not find recipient in LDAP server.
2012-01-04 15:10:05 DEBUG Recipient DN or LDIF is None.

and the insertion of "@." in LDAP when configuring blacklisting, but this is the main feature why we purchased pro version, the easy way to deny all incoming and outgoing mail so we can turn the system into a private mail server with internet access, and we would like this to work.

Related to:

2012-01-04 15:10:05 INFO Error: plugin /opt/iredapd/src/plugins-rr/block_amavisd_blacklisted_senders.py not exist.
2012-01-04 15:10:05 INFO Error: plugin /opt/iredapd/src/plugins-rr/ldap_maillist_access_policy.py not exist.

I have copied needed files from src/plugins/ to src/plugins-rr/ and the error now is:

2012-01-04 15:37:49 DEBUG Apply plugin (block_amavisd_blacklisted_senders).
2012-01-04 15:37:49 DEBUG Error while apply plugin (<module 'block_amavisd_blacklisted_senders' from '/opt/iredapd/src/plugins-rr/block_amavisd_blacklisted_senders.py'>): restriction() takes exactly 3 non-keyword arguments (1 given)
2012-01-04 15:37:49 DEBUG Apply plugin (ldap_maillist_access_policy).
2012-01-04 15:37:49 DEBUG Error while apply plugin (<module 'ldap_maillist_access_policy' from '/opt/iredapd/src/plugins-rr/ldap_maillist_access_policy.py'>): restriction() takes exactly 6 non-keyword arguments (2 given)

UPDATE:
I copied iredapd-rr.ini from iredapd.ini and failed with plugins parameter. It prevents sending mails to non-whitelisted addresses with correct plugins= parameter in iredapd-rr.ini:

plugins = ldap_recipient_restrictions

I missed this step in the manual ( http://iredmail.org/wiki/index.php?titl … D/OpenLDAP )

File: /opt/iredapd/etc/iredpad-rr.ini
listen_port = 7778
pid_file        = /var/run/iredapd-rr.pid
log_file        = /var/log/iredapd-rr.log
plugins = ldap_recipient_restrictions         <- I MISSED THIS. FAIL!

Thank you very much Zhang! Nice work!

Now I'm just looking for how to discard the emails with non-whitelisted senders, instead of just marking them as ***SPAM*** but I think I will find this already answered in this forum.

6

Re: [SOLVED] Strict Blacklisting and whitelisting

I followed this post:
http://www.iredmail.org/forum/topic2754 … oring.html
and it is now working as the customer requested.
Thanks again Zhang. I will recommend iredmail.