==================================================================
Please DO NOT REPLY to this mail or send email to the developers
about this bug. Please follow-up to Bugzilla using this
link:http://bugs.contribs.org/show_bug.cgi?id=8321
Have you checked the Frequently Asked Questions (FAQ)?
http://wiki.contribs.org/SME_Server:Documentation:FAQ
Please also take the time to read the following useful guide:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================
Bug ID: 8321
Summary: smeserver-wbl whitelisted sender not bypassing dnsbl
checks
Classification: Contribs
Product: SME Contribs
Version: 8.1
Hardware: ---
OS: ---
Status: CONFIRMED
Severity: normal
Priority: P3
Component: smeserver-wbl
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
SME v8.1 but was also happening on v8
I've been trying to figure out if either I'm doing something wrong (most
likely) or have a problem with whitelisting
I have had a number of emails bounced despite having them whitelisted.
They are all from clients using the same Fasthost service. The mails are
getting blocklisted but they should be being passed by the whitelist senders
I have tried every which way to add them to the various whitelisting panels but
to no avail.
According to this post with the whitelist_soft plugin before the dnsbl plugin,
anything that it discovers is on the whitelist should pass but for some reason
it doesn't.
http://www.nntp.perl.org/group/perl.qpsmtpd/2007/05/msg6624.html
"Not quite accurate. dnsbl hooks connect, but it only starts the dns lookups
at this point. It doesn't actually check those lookups until the rcpt hook,
for just this reason. Just make sure that any whitelist plugin is listed
before dnsbl and you can successfully whitelist on MAIL FROM (which happens
before RCPT)..."
I think this bug may have a similar problem :
http://bugs.contribs.org/show_bug.cgi?id=4769
I have other clients in whitelist senders that do not get bounced, though they
were originally bounced when I set WBL up. Added them to the whitelist and job
done. I can only assume they never hit the dnsbl DENYHARD.
Attached is one particular log from /var/log/qpsmtpd - I think it is complete
(I take it the number 27604 is the 'transaction' for this particular mail?)
The user is '[email protected]' but sends via their Fastnet SmartHost (which
looks to be M$ powered). Yes, I could remove the DNSBL for www.uceprotect.net
but it blocks a huge amount of junk and I am loath to do so for the sake of a
few emails.
I wanted to try and see what the plugin was actually seeing/reporting but my
perl debug skills are not that good :-(
I've read various posts regarding whitelist on the perl.qpsmtpd list and am
even more confused than before :-)
On one hand it looks like the plugin should skip dnsbl if it matches something
in the whitelists, but in another it seems that isn't the case. The 'DECLINED'
statements are a bit confusing !
In the whitelist_soft plugin I think the problem is that it isn't matching an
address in the whitelist senders list so doesn't return 'OK'.
I've also added one of my other addresses into the whitelist senders to see if
it trips the 'OK' but nothing.
This is the relevant section from /usr/share/qpsmtpd/plugins :
sub check_sender {
my ($self, $transaction, $sender) = @_;
# If per_recipient will be rcpt hook, and sender actually rcpt
my $config_arg = {};
if ($self->{_per_recipient}) {
$config_arg = { rcpt => $sender, %MERGE };
$sender = $transaction->sender;
}
return DECLINED if $sender->format eq '<>';
my $addr = lc $sender->address or return DECLINED;
my $host = lc $sender->host or return DECLINED;
for my $h ($self->qp->config('whitelistsenders', $config_arg)) {
next unless $h;
$h = lc $h;
if ($addr eq $h or $host eq $h) {
$transaction->notes('whitelistsender', 1);
$self->log(2,"envelope sender $addr in whitelistsenders");
return OK; # !!! Should get here if name is in senders list !!!
}
}
return DECLINED;
}
I thought about adding some lines like :
$self->log(LOGWARN, "addr $addr host $host");
$self->log(LOGDEBUG, "addr $addr host $host");
There are similar lines in the Spamasssassin plugin (which does log) but the
above don't seem to log anything. Do I need to add something to enable logging
?
Any other tips or advice on trying to debug this ?
It's hard trying to send yourself a dodgy mail for test purposes so have to
keep annoying clients and getting them to send to me which is frustrating.
Guess I need a fasthosts account :-)
--
You are receiving this mail because:
You are the QA Contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at http://lists.contribs.org/mailman/public/contribteam/
