Re: [policyd-users] Assistance with blacklist

Mon, 30 Nov 2015 10:20:10 -0800 

Please disregard.  My understanding of the helo process was flawed.

Thanks.

--
Shawn.

On 11/30/2015 12:47 PM, Shawn Raymond wrote:

Hi -
I'm trying to configure blacklisting, but I think I'm missing something simple. I have been unable to find a guide.
The checkhelo appears to be mostly working because I see messages like this in the log: Helo command rejected: ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery. 

Version:
postfix-cluebringer/trusty,now 2.0.10-1 all [installed]

mysql> select * from checkhelo ;
+----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+ | ID | PolicyID | Name | UseBlacklist | BlacklistPeriod | UseHRP | HRPPeriod | HRPLimit | RejectInvalid | RejectIP | RejectUnresolvable | Comment | Disabled | +----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+ | 2 | 3 | blacklist | 1 | 36000 | NULL | NULL | NULL | 1 | 1 | 0 | | 0 | +----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+ 

mysql> select * from policies ;
+----+------------------+----------+-------------------------------------------------+----------+ | ID | Name | Priority | Description | Disabled | +----+------------------+----------+-------------------------------------------------+----------+ | 1 | Default | 0 | Default System Policy | 1 | | 2 | Default Outbound | 10 | Default Outbound System Policy | 0 | | 3 | Default Inbound | 10 | Default Inbound System Policy | 0 | | 4 | Default Internal | 20 | Default Internal System Policy | 0 | | 6 | whitelists | 6 | Whitelisted sender, domain, IP | 0 | | 7 | blacklists | 8 | Blacklisted sender, domain, IP | 0 | | 8 | no_greylisting | 20 | Disable grelisting for certain domain and users | 0 | +----+------------------+----------+-------------------------------------------------+----------+ 

mysql> select * from access_control ;
+----+----------+--------------------+---------+-------------+---------+----------+ | ID | PolicyID | Name | Verdict | Data | Comment | Disabled | +----+----------+--------------------+---------+-------------+---------+----------+ | 1 | 6 | bypass_whitelisted | OK | Whitelisted | NULL | 0 | | 2 | 7 | reject_blacklisted | REJECT | Blacklisted | NULL | 0 | +----+----------+--------------------+---------+-------------+---------+----------+ 

mysql> select * from policy_groups ;
+----+-----------------------------+----------+---------+
| ID | Name                        | Disabled | Comment |
+----+-----------------------------+----------+---------+
|  1 | internal_ips                |        0 | NULL    |
|  2 | internal_domains            |        0 | NULL    |
|  3 | whitelists                  |        0 | NULL    |
|  4 | blacklists                  |        0 | NULL    |
|  5 | no_greylisting_for_internal |        0 | NULL    |
|  6 | no_greylisting_for_external |        0 | NULL    |
+----+-----------------------------+----------+---------+

mysql> select * from policy_members ;
+----+----------+-----------------------------------+------------------------------+---------+----------+ | ID | PolicyID | Source | Destination | Comment | Disabled | +----+----------+-----------------------------------+------------------------------+---------+----------+ | 1 | 1 | NULL | NULL | NULL | 0 | | 2 | 2 | %internal_domains | !%internal_domains | NULL | 0 | | 3 | 3 | !%internal_ips,!%internal_domains | %internal_domains | NULL | 0 | | 4 | 4 | %internal_ips,%internal_domains | %internal_domains | NULL | 0 | | 6 | 6 | %whitelists | %internal_domains | NULL | 0 | | 7 | 7 | %blacklists | %internal_domains | NULL | 0 | | 8 | 8 | !%internal_ips,!%internal_domains | %no_greylisting_for_internal | NULL | 0 | | 9 | 8 | %no_greylisting_for_external | %internal_domains | NULL | 0 | +----+----------+-----------------------------------+------------------------------+---------+----------+ 

The entry I'm testing is this:
mysql> select * from checkhelo_blacklist where Helo='lkg.me' ;
+----+--------+---------------+----------+
| ID | Helo   | Comment       | Disabled |
+----+--------+---------------+----------+
| 10 | lkg.me |  test domain. |        0 |
+----+--------+---------------+----------+


Any insight would be appreciated.

Thanks!

--
Shawn.



_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org



_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org

Reply via email to