have a look in to these two GUI sections
DNSBL - RBL Validation
Whitelisting and RWL(DNSWL)
(I think you already done it)
The RWL check is done first and if RBLWL is OFF, the RBL check is skipped
for the IP if RWL found a match.
Notice, that the analyzer shows all results without any dependency to get
all available information for the admin.
>• 10.100.23.15 is in RWLCache: status=not listed
Remove this cache entry and check again - possibly first using a DNS
lookup.
Blacklist - should report listed and Whitelist should report listed
(127.0.0.1).
As long as there is a valid cache entry, no new RWL query will be done!
Thomas
Von: Farokh <far...@besttechsvc.com>
An: For Users of ASSP <assp-user@lists.sourceforge.net>
Datum: 16.03.2017 12:36
Betreff: Re: [Assp-user] Blacklist vs Whitelist...
Thanks, but I may not have been clear enough in my original post. I'm
using a database to maintain my blacklist and whitelist. Whenever I make
changes, I export them in a format for bind to use replacing the two zone
files completely, and then relying on blacklist and whitelist DNS lookups
to accept or reject emails.
My RBLWL is off.
denySMTPConnectionsFrom is a file with just a couple of lines in it.
denySMTPConnectionsFromAlways is the default file that comes with ASSP - I
haven't made any changes to it.
Again, I'm trying to do this completely using DNS based blacklisting and
whitelisting.
Thanks.
Farokh
----------------------------------------------------------------------------
Best Tech Service, LLC - When only the Best will do...
For all your technology needs including hosting solutions.
Cell: 914-262-1594
Like us on facebook: https://www.facebook.com/besttechsvc
Thomas Eckardt wrote:
check
- RBLWL
- denySMTPConnectionsFrom
- denySMTPConnectionsFromAlways
>What I will do is add a range of IPs to the blacklist (say a /24 or /16)
and then whitelist specific IPs within that range.
I don't recommend to do it this way.
Let's say you added 10.0.0.0/8 to denySMTPConnectionsFrom and you use the
IP action dialog to remove 10.1.1.1 from this list, assp will modify this
line in to
##########
# modified - removed: 10.1.1.1 from >10.0.0.0/8<
# low CIDR: 10.0.0.0/16 10.1.0.0/24 10.1.1.0/32
# high CIDR: 10.1.1.2/31 10.1.1.4/30 10.1.1.8/29 10.1.1.16/28 10.1.1.32/27
10.1.1.64/26 10.1.1.128/25 10.1.2.0/23 10.1.4.0/22 10.1.8.0/21
10.1.16.0/20 10.1.32.0/19 10.1.64.0/18 10.1.128.0/17 10.2.0.0/15
10.4.0.0/14 10.8.0.0/13 10.16.0.0/12 10.32.0.0/11 10.64.0.0/10
10.128.0.0/9
##########
10.0.0.0-10.1.1.0
10.1.1.2-10.255.255.255
So keep your lists logical clean!
Thomas
Von: Farokh <far...@besttechsvc.com>
An: assp-user@lists.sourceforge.net
Datum: 15.03.2017 18:13
Betreff: [Assp-user] Blacklist vs Whitelist...
Good day everyone.
I'm fairly new to ASSP but am setting it up to replace an existing (but no
longer supported) spam solution I've been using.
My question concerns using DNS based blacklists and whitelists. I have two
sets of DNS based lists running on bind. One is a blacklist and one is a
whitelist. What I will do is add a range of IPs to the blacklist (say a
/24 or /16) and then whitelist specific IPs within that range. For example
(using non-routeable IPs):
Blacklist - 10.0.0.0/8
Whitelist - 10.100.23.15/32
ASSP flags anything coming from 10.100.23.15 as spam, even though it's
whitelisted. When I run the real IP through the mail analyzer, I get the
following (replacing the actual IP with 10.100.23.15):
• URIBL check: 'OK'
• RBLCacheCheck returned OK for 10.100.23.15: inserted as not ok at
2017-03-15 11:58:22 , listed by bl.mcf.com{127.0.0.2} - message score: 10
• RBLScore: bl.mcf.com -> 127.0.0.2 -> 10
• 10.100.23.15 is in PTRCache: status=PTR OK - mail.tcmsp.net
• 10.100.23.15 is in RWLCache: status=not listed
• 10.100.23.15 SenderBase: status=not classified, ...
If I use nslookup to lookup ip address in the whitelist, I get a 127.0.0.3
return value, which is what I expect.
Do I have something configured incorrectly that is preventing the
whitelist from overriding the blacklist?
Any pointers would be appreciated.
Thanks.
Farokh
----------------------------------------------------------------------------
Best Tech Service, LLC - When only the Best will do...
For all your technology needs including hosting solutions.
Cell: 914-262-1594
Like us on facebook: https://www.facebook.com/besttechsvc
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
