1 (edited by pbf343 2015-10-03 02:01:43)

Topic: Whitelist syntax

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====

CentOS 6.6 with MySQL Pro.

Whitelist options...
Single user: user@domain.ltd
User with wildcard: user@*
Entire domain: @domain.ltd
Domain and its sub-domains: @.domain.ltd


Problem.
There is an a domain in whitelist field with this syntax.
@domain.tld

However, the system blocked email from some_user@domain.tld.  The block appears to be caused by "bad header" issue in that is got quarantined instead of passed.

Thought placing an address in whitelist would allow through.  How to address accepting it with bad header?

FYI:
plugins = ["reject_null_sender", "amavisd_message_size_limit", "amavisd_wblist", "sql_alias_access_policy"]

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Whitelist syntax

It's a known issue that Amavisd doesn't read its own whitelists for checking bad-header.

3

Re: Whitelist syntax

ZhangHuangbin wrote:

It's a known issue that Amavisd doesn't read its own whitelists for checking bad-header.

Know issue for CentOS version or all?  What recommendations/options exist to address the issue?

4

Re: Whitelist syntax

Known issue for Amavisd.

Possible solutions:

1) disable bad-header check in Amavisd.
2) Wait for upcoming iRedAdmin-Pro release, it allows admin to manage global, per-domain, per-user spam policy, including a new option: "Bypass bad-header email".

For option 2), if you cannot wait, please try steps below with the latest iRedAdmin-Pro:

*) Go to global spam policy page: System -> Anti Spam -> Global Spam Policy.
*) Change some setting to trigger iRedAdmin-Pro to create required SQL records in SQL table `amavisd.policy`.
*) Now login to SQL server as either `root` or `amavisd` SQL user, find record in sql table `amavisd.policy` which has 'policy_name=@.':

sql> SELECT * FROM policy WHERE policy_name='@.';

*) Update its columns:

sql> UPDATE policy SET bad_header_lover='Y', bad_header_quarantine_to=NULL WHERE policy_name='@.';

That's it.

Notes:

*) if you changed any setting in Global Spam Policy after above change, values of column `bad_header_lover` and `bad_header_quarantine_to` will be reset (because the latest iRedAdmin-Pro doesn't handle them).
*) If you just want to disable bad-header check for emails sent to one local domain, please go to domain profile page, tab "Spam Policy" instead of global spam policy.

Let me know whether it works for you or not.

5 (edited by pbf343 2015-10-09 20:13:37)

Re: Whitelist syntax

How to disable bad-header check in Amavisd?

Current amavisd.conf
$final_bad_header_destiny = D_DISCARD;
$bad_header_quarantine_method = 'sql:';
$bad_header_quarantine_to = 'bad-header-quarantine';


Change amavisd.conf to:
$final_bad_header_destiny = D_PASS;
$bad_header_quarantine_method = undef;
# $bad_header_quarantine_method = 'sql:';
# $bad_header_quarantine_to = 'bad-header-quarantine';


Do you have a link to amavisd issue that you can share about issue?

Is there any anticipated date to correct this issue available at this time?

6

Re: Whitelist syntax

Please search 'bad_header' and 'bypass_header' in Amavisd config file.