1

Topic: ireadpd - Google Blacklisted

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====

Hello,
Appears about 2-3 hours ago system is blocking Google.  Took out all RBLs but am still issuing 554 Blacklisted to gmail accounts. 

Where/how to adjust this to stop blocking valid email?

Ran the script
python spf_to_greylist_whitelists.py gmail.com
inside of /opt/iredapd/tools/

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: ireadpd - Google Blacklisted

What's the Postfix reject message of this blacklist?

3

Re: ireadpd - Google Blacklisted

ZhangHuangbin wrote:

What's the Postfix reject message of this blacklist?

An example:

May  9 18:24:25 mail02 postfix/smtpd[8294]: NOQUEUE: reject: RCPT from mail-qg0-f47.google.com[209.85.192.47]: 554 5.7.1 <user@domain_name.tld>: Recipient address rejected: Blacklisted; from=<gmail_user@gmail.com> to=<user@domain_name.tld> proto=ESMTP helo=<mail-qg0-f47.google.com>

4

Re: ireadpd - Google Blacklisted

Under System -> Blacklisted Senders
There were a list of domains in place. 

Does iredapd use the domain name to do an IP lookup and block email from the IP?
or
Does iredapd actually read the mail headers, detect the e-mail/domain and then apply block the message?

5

Re: ireadpd - Google Blacklisted

pbf343 wrote:

Under System -> Blacklisted Senders
There were a list of domains in place. 

Please read the comment right beside the domain list. Cron job will query the SPF record of them.

6 (edited by pbf343 2016-05-10 23:48:11)

Re: ireadpd - Google Blacklisted

ZhangHuangbin wrote:
pbf343 wrote:

Under System -> Blacklisted Senders
There were a list of domains in place. 

Please read the comment right beside the domain list. Cron job will query the SPF record of them.

Thanks but sometimes there is a disconnect in what is understood by a reader of someone else's content.  Example....

So, where is the "blacklisting" taking place then as all RBLs were commented out.  The error message says nothing but Blacklisted so one must assume it is occurring at iRedAPD.   Next, removing that list of Blacklisted "senders" was the only step which seems to have allowed Gmail to pass.  Plus, how does one verify this was not just a coincidence? 

FYI: appears paid Gmail users were able to send but "free" accounts could not send.

7

Re: ireadpd - Google Blacklisted

You have to check both Postfix and iRedAPD log file to figure out why it was blacklisted. As a temporary solution, please remove this blacklisted IP/sender.

8

Re: ireadpd - Google Blacklisted

ZhangHuangbin wrote:

You have to check both Postfix and iRedAPD log file to figure out why it was blacklisted. As a temporary solution, please remove this blacklisted IP/sender.

That is a start.  I'll investigate the iredapd log.

However, since I did not know what matched the IP, removed all the present entries as noted below which I believe to have been built by iredapd or running the python spf script.

@.bluegnomecomputers.com
@.campingmina.com
@.constrologix.com
@.danfas.com
@.fastmailnmore.com
@.newsletter504.com
@.norveccetercume.com
@.ordigramme.com
@.photohandmade.com
@.reanor.com
@.sherlyshomestay.com
@.shortshortshort.com
@.steelplatez.com
@.ttranscolombia.com
@.visitarlisboa.com
@.zeuptic.com
@agenda-software.de
@asiaticastube.com
@braingrowthhealth.com
@brainiacgrowth.com
@bsnl.in
@buyfloridatours.com
@crdredred.com
@crutrotoil.com
@delrioexecutiveinn.com
@domanialgroup.com
@escesed.com
@gmail.com
@leayis.com
@mecuadorperu.org.pe
@meltfatfaster.com
@meltgarniciatime.com
@mymail.nku.edu
@nomorebadherpes.com
@oiuw.jp.tn
@oneholder.com
@orange.com
@phfourths.science
@probebrainsfast.com
@qq.com
@seminarhostindia.biz
@sfsecondp.science
@stalkerofshadow.com
@studiohdlux.com
@tanuki.ru
@telenall.com
@undcruser.com
@vnpt.vn
@whodatoverthere.com
@wonderwhoswho.com
@xsthirdt.science
@yahoo.co.jp
@ytcv.jp.tn
@zhenik.vattermata.com

9

Re: ireadpd - Google Blacklisted

No. iRedAPD doesn't build blacklists automatically.