Hi Eric,
Here is my spamdyke.conf:
dns-blacklist-entry=b.barracudacentral.org
dns-blacklist-entry=bl.spamcop.net
dns-blacklist-entry=dnsbl.spfbl.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=6
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
log-level=info
max-recipients=50
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp
Despite that configuration I don't use graylists, black/white-keywords,
black/white-rdns, black/white-recipients or black/white-senders files, I
only use whitelist_ip file and those three blacklists at the top
(barracuda, spamcop and spfbl).
I may try this dns-whitelist, do you know and recommend any list?
Em 24/07/2023 10:10, Eric Broch escreveu:
Leonardo,
Did you see the option to block DNS? Or did you try this?
DNS Whitelists
|dns-whitelist-entry|
|dns-whitelist-file|
|rhs-whitelist-entry|
|rhs-whitelist-file|
spamdyke has the ability to consult DNS whitelists and allow
connections from hosts or senders who match entries on them. DNS
whitelists are essentially DNS RBLs and DNS RHSBLs that list allowed
IP addresses and domain names instead of blocked ones. All of the same
cautionary statements apply to DNS whitelists as to DNS blacklists.
SeeDNS RBLs
<https://www.spamdyke.org/documentation/README.html#DNSRBL>andDNS
RHSBLs
<https://www.spamdyke.org/documentation/README.html#DNSRHSBL>for details.
To use a DNS Realtime Whitelist (the opposite of a DNS RBL), the
option|dns-whitelist-entry|should be given. To use a DNS
Righthand-side Whitelist, the option|rhs-whitelist-entry|should be
given. By default, spamdyke does not use a DNS whitelist. If either
option is given multiple times, each list will be consulted before the
connection is blocked.
If more than a few lists are given,
the|dns-whitelist-file|or|rhs-whitelist-file|options may be used to
provide the lists in files.
*NOTE: Checking DNS whitelists can impose a serious performance
penalty. Using more than three DNS whitelists is not recommended.*
*
*
*
*
On 7/24/2023 6:23 AM, Leonardo Porto wrote:
Hello there,
My Toaster is blocking a customer domain because they are sending
messages from a Google server that is not allowed in their SPF policy:
Jul 21 10:28:45 app1 spamdyke[24853]: DENIED_OTHER from:
per...@jeduca.org.br to: user@mydomain origin_ip: 209.85.215.172
origin_rdns: mail-pg1-f172.google.com auth: (unknown) encryption: TLS
reason:
550_See_http://spf.pobox.com/why.html?sender=person%40jeduca.org.br&ip=209.85.215.172&receiver=myserver_(#5.7.1)
As you can see at their SPF checking:
https://www.spf-record.com/spf-lookup/jeduca.org.br?ip=209.85.215.172
Everytime they send a messagem it comes from a diverse IP so I tried
to whitelist them at /etc/spamdyke/whitelist_senders putting one
sender per line but it did not work.
Do you guys have any adivise?
qmail-1.03-3.1.qt.el7.x86_64
spamdyke 5.0.1+TLS+CONFIGTEST+DEBUG
Centos 7