Topic: Problem disabling greylisting
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9 OPENLDAP edition
- Deployed with iRedMail Easy or the downloadable installer? Download
- Linux/BSD distribution name and version: Debian 9.9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I am trying to disable greylisting for @(all_subdomains).groupon.com. Using the greylisting_admin.py I disabled greylisting for '@.groupon.com', see below. However it's still being greylisted, see the iredapd.log below.
As I understand reading https://docs.iredmail.org/manage.iredapd.html and also the comments in greylisting_admin.py it should work. Am I doing something wrong?
root@genesis:/home/admin# /opt/iredapd/tools/greylisting_admin.py --list
Status Sender -> Local Account
------------------------------------------------------------------------------
disabled bounce@infusionmail.com -> @. (anyone)
disabled @bounce.r.livingsocial.com -> @. (anyone)
disabled @.paypal.com -> @. (anyone)
disabled @.groupon.com -> @. (anyone)
enabled @. (anyone) -> @. (anyone)
iredapd.log
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] request=smtpd_access_policy
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] protocol_state=RCPT
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] protocol_name=ESMTP
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] client_address=50.115.222.78
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] client_name=mta78s3.r.groupon.com
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] client_port=21815
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] reverse_client_name=mta78s3.r.groupon.com
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] helo_name=mta78s3.r.groupon.com
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] sender=6612a790-24a1-11e2-8854-00259069d5fe@bounce.r.groupon.com
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] recipient=me@mydomain.com
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] recipient_count=0
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] queue_id=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] instance=64f8.5d2084c4.e2ac2.0
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] size=0
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] etrn_domain=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] stress=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] sasl_method=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] sasl_username=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] sasl_sender=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] ccert_subject=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] ccert_issuer=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] ccert_fingerprint=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] ccert_pubkey_fingerprint=
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] encryption_protocol=TLSv1.2
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] encryption_cipher=ECDHE-RSA-AES256-GCM-SHA384
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] encryption_keysize=256
Jul 6 04:23:49 genesis iredapd DEBUG: [policy] policy_context=
Jul 6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: reject_null_sender
Jul 6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul 6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: wblist_rdns
Jul 6 04:23:49 genesis iredapd DEBUG: All policy rDNS names: ['mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com']
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] Query whitelisted rDNS names: #012SELECT rdns#012
FROM wblist_rdns#012 WHERE rdns IN ('mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com') AND wb='W'#012 LIMIT 1
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] Query blacklisted rDNS names: #012SELECT rdns#012
FROM wblist_rdns#012 WHERE rdns IN ('mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com') AND wb='B'#012 LIMIT 1
Jul 6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul 6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: reject_sender_login_mismatch
Jul 6 04:23:49 genesis iredapd DEBUG: Not an authenticated sender (no sasl_username).
Jul 6 04:23:49 genesis iredapd DEBUG: Sender domain is NOT hosted locally.
Jul 6 04:23:49 genesis iredapd DEBUG: Sender domain is not hosted locally, dunno.
Jul 6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul 6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: greylisting
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] Query greylisting whitelists from `greylisting_whitelist_domain_spf`: #012SELECT sender#012 FROM greylisting_whitelist_domain_spf#012
WHERE account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] Query greylisting whitelists from `greylisting_whitelists`: #012SELECT sender#012 FROM greylisting_whitelists#012 WHERE
account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')
Jul 6 04:23:49 genesis iredapd DEBUG: [50.115.222.78] Client is not explictly whitelisted.
Jul 6 04:23:49 genesis iredapd DEBUG: No whitelist found.
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] query greylisting settings: #012SELECT id, account, sender, sender_priority, active#012 FROM greylisting#012 WHERE account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')#012 ORDER BY priority DESC, sender_priority DESC
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] query result: [(19L, '@.', 'bounce@infusionmail.com', 100, 0), (17L, '@.', '@bounce.r.livingsocial.com', 60, 0), (21L, '@.', '@.paypal.com', 50, 0), (23L, '@.', '@.groupon.com', 50, 0), (11L, '@.', '@.', 0, 1)]
Jul 6 04:23:49 genesis iredapd DEBUG: Greylisting should be applied according to SQL record: (id=11, account='@.', sender='@.')
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] check whether client address (50.115.222.78) passed greylisting: #012SELECT id#012 FROM greylisting_tracking#012 WHERE client_address='50.115.222.78'#012 AND passed=1#012 LIMIT 1
Jul 6 04:23:49 genesis iredapd DEBUG: Client address (50.115.222.78) didn't pass greylisting.
Jul 6 04:23:49 genesis iredapd DEBUG: [SQL] query greylisting tracking: #012SELECT init_time, blocked_count, block_expired, record_expired#012 FROM greylisting_tracking#012
WHERE sender='6612a790-24a1-11e2-8854-00259069d5fe@bounce.r.groupon.com'#012 AND
recipient='me@mydomain.com'#012 AND client_address='50.115.222.78'#012
LIMIT 1
Jul 6 04:23:49 genesis iredapd INFO: [50.115.222.78] Client has not been seen before, greylisted.
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.