1 Topic by dorpha (edited by dorpha 2015-03-26 09:26:49)

  • dorpha
  • Member
  • Offline
  • Registered: 2015-01-23
  • Posts: 44

Topic: Global blacklist not functioning

================ Required information ====
- iRedMail version: 0.9.0
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Linux/BSD distribution name and version: Ubuntu 14.04
- Related log if you're reporting an issue:
====

The following yellow-text-block keeps showing on the right-lower corner on the global blacklist page https://<mail_server>/iredadmin/system/wblist:

This feature requires iRedAPD plugin 'amavisd_wblist', 
please make sure it's enabled in 
file /opt/iredapd/settings.py.

Does this yellow-text-block indicates that the blacklist is not functioning? The settings.py file looks good though:

plugins = ["reject_null_sender", "amavisd_message_size_limit", "amavisd_wblist", "ldap_maillist_access_policy"]

After adding inzaclubc@yahoo.es to the blacklist, the mail.log still prompts:

Mar 26 07:53:42 dmail postfix/smtpd[2722]: NOQUEUE: reject: RCPT from 128-67-190-109.dsl.ovh.fr[109.190.67.128]: 454 4.7.1 <inzaclubc@yahoo.es>: Rela$
Mar 26 07:53:43 dmail postfix/smtpd[2722]: disconnect from 128-67-190-109.dsl.ovh.fr[109.190.67.128]

There seems to be no block action taken or logged in iredapd.log:

2015-03-26 07:42:05 INFO Starting iRedAPD (version: 1.4.4, backend: ldap), listening on 127.0.0.1:7777.
2015-03-26 07:42:05 INFO Loading plugin: reject_null_sender
2015-03-26 07:42:05 INFO Loading plugin: amavisd_message_size_limit
2015-03-26 07:42:05 INFO Loading plugin: amavisd_wblist
2015-03-26 07:42:05 INFO Loading plugin: ldap_maillist_access_policy
<below is empty>

Any clues where else should we check? Thanks.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Global blacklist not functioning

According to the NOQUEUE message, Postfix rejected it itself before invoking policy server (iRedAPD in our case). It doesn't mean iRedAPD plugins are not working.

3 Reply by dorpha

  • dorpha
  • Member
  • Offline
  • Registered: 2015-01-23
  • Posts: 44

Re: Global blacklist not functioning

ok.
Since the sender inzaclubc@yahoo.es keeps connecting to our mail server using different ips every two hours, would there be a recommended way to drop these malicious senders before they enter and start using our mail services?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Global blacklist not functioning

You can blacklist this sender email address with iRedAdmin-Pro. If it bypasses Postfix builtin restrictions, iRedAPD will check blacklisted senders and reject all emails from this sender.

5 Reply by dorpha

  • dorpha
  • Member
  • Offline
  • Registered: 2015-01-23
  • Posts: 44

Re: Global blacklist not functioning

That makes sense.