[policyd-users] Assistance with blacklist

Mon, 30 Nov 2015 09:49:02 -0800 

Hi -
I'm trying to configure blacklisting, but I think I'm missing something simple. I have been unable to find a guide. 


The checkhelo appears to be mostly working because I see messages like 
this in the log:
 Helo command rejected: ACCESS DENIED. Your email was rejected because 
the sending mail server appears to be on a dynamic IP address that 
should not be doing direct mail delivery.


Version:
postfix-cluebringer/trusty,now 2.0.10-1 all [installed]

mysql> select * from checkhelo ;
+----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+

| ID | PolicyID | Name      | UseBlacklist | BlacklistPeriod | UseHRP | 
HRPPeriod | HRPLimit | RejectInvalid | RejectIP | RejectUnresolvable | 
Comment | Disabled |

+----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+

|  2 |        3 | blacklist |            1 | 36000 |   NULL |      NULL 
|     NULL |             1 |        1 |                  0 |         
|        0 |

+----+----------+-----------+--------------+-----------------+--------+-----------+----------+---------------+----------+--------------------+---------+----------+

mysql> select * from policies ;
+----+------------------+----------+-------------------------------------------------+----------+

| ID | Name             | Priority | 
Description                                     | Disabled |

+----+------------------+----------+-------------------------------------------------+----------+

|  1 | Default          |        0 | Default System 
Policy                           |        1 |
|  2 | Default Outbound |       10 | Default Outbound System 
Policy                  |        0 |
|  3 | Default Inbound  |       10 | Default Inbound System 
Policy                   |        0 |
|  4 | Default Internal |       20 | Default Internal System 
Policy                  |        0 |
|  6 | whitelists       |        6 | Whitelisted sender, domain, 
IP                  |        0 |
|  7 | blacklists       |        8 | Blacklisted sender, domain, 
IP                  |        0 |
|  8 | no_greylisting   |       20 | Disable grelisting for certain 
domain and users |        0 |

+----+------------------+----------+-------------------------------------------------+----------+

mysql> select * from access_control ;
+----+----------+--------------------+---------+-------------+---------+----------+

| ID | PolicyID | Name               | Verdict | Data        | Comment | 
Disabled |

+----+----------+--------------------+---------+-------------+---------+----------+

|  1 |        6 | bypass_whitelisted | OK      | Whitelisted | NULL    
|        0 |
|  2 |        7 | reject_blacklisted | REJECT  | Blacklisted | NULL    
|        0 |

+----+----------+--------------------+---------+-------------+---------+----------+

mysql> select * from policy_groups ;
+----+-----------------------------+----------+---------+
| ID | Name                        | Disabled | Comment |
+----+-----------------------------+----------+---------+
|  1 | internal_ips                |        0 | NULL    |
|  2 | internal_domains            |        0 | NULL    |
|  3 | whitelists                  |        0 | NULL    |
|  4 | blacklists                  |        0 | NULL    |
|  5 | no_greylisting_for_internal |        0 | NULL    |
|  6 | no_greylisting_for_external |        0 | NULL    |
+----+-----------------------------+----------+---------+

mysql> select * from policy_members ;
+----+----------+-----------------------------------+------------------------------+---------+----------+

| ID | PolicyID | Source                            | 
Destination                  | Comment | Disabled |

+----+----------+-----------------------------------+------------------------------+---------+----------+

|  1 |        1 | NULL                              | 
NULL                         | NULL    |        0 |
|  2 |        2 | %internal_domains                 | 
!%internal_domains           | NULL    |        0 |
|  3 |        3 | !%internal_ips,!%internal_domains | 
%internal_domains            | NULL    |        0 |
|  4 |        4 | %internal_ips,%internal_domains   | 
%internal_domains            | NULL    |        0 |
|  6 |        6 | %whitelists                       | 
%internal_domains            | NULL    |        0 |
|  7 |        7 | %blacklists                       | 
%internal_domains            | NULL    |        0 |
|  8 |        8 | !%internal_ips,!%internal_domains | 
%no_greylisting_for_internal | NULL    |        0 |
|  9 |        8 | %no_greylisting_for_external      | 
%internal_domains            | NULL    |        0 |

+----+----------+-----------------------------------+------------------------------+---------+----------+

The entry I'm testing is this:
mysql> select * from checkhelo_blacklist where Helo='lkg.me' ;
+----+--------+---------------+----------+
| ID | Helo   | Comment       | Disabled |
+----+--------+---------------+----------+
| 10 | lkg.me |  test domain. |        0 |
+----+--------+---------------+----------+


Any insight would be appreciated.

Thanks!

--
Shawn.



_______________________________________________
Users mailing list
Users@lists.policyd.org
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org






















					Reply via email to