1 Topic by rocklee44 (edited by rocklee44 2018-04-12 15:50:21)

  • rocklee44
  • Member
  • Offline
  • Registered: 2018-04-11
  • Posts: 3

Topic: Amavisd blacklist action config

==== Required information ====
- iRedMail version (check /etc/iredmail-release): v0.9.8
- Linux/BSD distribution name and version: CentOS Linux release 7.4.1708 (Core)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): Active Directory
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No , v0.9 (MySQL)
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Our domain users can login with SOGO and testing mail with gmail successfully, I want to test Amavisd blacklist feature, so I did :

python wblist_admin.py --account user1@mydomain --add --blacklist my@gmail.com

When my@gmail.com send emails to user1@mydomain , they move to Junk folder, I want they must be rejected with "error code something ..." or discard, what should I do ?
This is mail log when add blacklist:

from=<my@gmail.com>, size=3531, nrcpt=1 (queue active)
Apr 12 10:57:03 webmail amavis[26287]: (26287-01) Passed SPAM {RelayedTaggedInbound}, [209.85.215.53]:34079 [209.85.215.53] <my@gmail.com> -> <user1@mydomain>, Queue-ID: 78C1D8A4C, Message-ID: <CAFUv7NTuhz5GnWb3DyGaJT_HRsPy_F620ejZN=+VuSecJreaBw@mail.gmail.com>, mail_id: 2SgTz3PkSKHS, Hits: -, size: 2682,
queued_as: 47DC08A53, dkim_sd=20161025:gmail.com, 178 ms
Passed SPAM, <my@gmail.com> -> <user1@mydomain>, Hits: -, tag=2, tag2=6.2, kill=6.9, que
ued_as: 47DC08A53, L/Y/Y/Y

This is mail log when remove blacklist:

from=<my@gmail.com>, size=3319, nrcpt=1 (queue active)
Apr 12 10:59:55 webmail amavis[26291]: (26291-01) Passed CLEAN {RelayedInbound}, [209.85.215.65]:44257 [209.85.215.65] <my@gmail.com> -> <user1@mydomain>, Queue-ID: 308768A4C, Message-ID: <CAFUv7NSjsEa3eMK21tJ+mS_WtZ3VhR-rMtS9326fD1KHmK5f5g@mail.gmail.com>, mail_id: SqhreVVO5h8n, Hits: -0.014, size: 2698,
queued_as: 9FBC57A154, dkim_sd=20161025:gmail.com, 4819 ms, Tests: [DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,FREEMAIL_FROM=0.001,FROM_EXCESS_BASE64=0.105,HTM
L_MESSAGE=0.001,RCVD_IN_DNSWL_NONE=-0.0001,RCVD_IN_MSPIKE_H3=-0.01,RCVD_IN_MSPIKE_WL=-0.01,SPF_PASS=-0.001]
Passed CLEAN, <my@gmail.com> -> <user1@mydomain>, Hits: -0.014, tag=2, tag2=6.2, kill=6.
9, queued_as: 9FBC57A154, L/0/0/0

Can you give me document about how to use amavisd , clamv , SpamAssassin integrate with iRedmail ?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: Amavisd blacklist action config

Could you please turn on debug mode in iRedAPD and try again with that blacklist? We need full debug log of your testing in iRedAPD log file (/var/log/iredapd/iredapd.log) for troubleshooting.
FYI: https://docs.iredmail.org/debug.iredapd.html

3 Reply by rocklee44 (edited by rocklee44 2018-04-12 17:31:51)

  • rocklee44
  • Member
  • Offline
  • Registered: 2018-04-11
  • Posts: 3

Re: Amavisd blacklist action config

Hi Zhang, thanks for your reply, I figured out reason:
I followed instruction here : https://docs.iredmail.org/active.directory.html to Integrate Microsoft Active Directory in iRedMail , in process I comment out check_policy_service inet:127.0.0.1:7777 in /etc/postfix/main.cf so blacklist doesn't work.
this is iredapd.log when my@gmail send to user1@mydomain

2018-04-12 16:29:00 INFO Starting iRedAPD (version: 2.2, backend: mysql), listening on 127.0.0.1:7777.
2018-04-12 16:29:00 INFO Log rotate type: time, interval: W6, backup copies: 12.
2018-04-12 16:29:00 INFO Loading plugin (priority: 100): reject_null_sender
2018-04-12 16:29:00 INFO Loading plugin (priority: 99): wblist_rdns
2018-04-12 16:29:00 INFO Loading plugin (priority: 90): reject_sender_login_mismatch
2018-04-12 16:29:00 INFO Loading plugin (priority: 80): greylisting
2018-04-12 16:29:00 INFO Loading plugin (priority: 60): throttle
2018-04-12 16:29:00 INFO Loading plugin (priority: 50): sql_alias_access_policy
2018-04-12 16:29:00 INFO Loading plugin (priority: 40): amavisd_wblist
2018-04-12 16:29:29 INFO [209.85.215.52] Client is whitelisted for greylisting service: (id=36646, sender=209.85.128.0/17, comment="AUTO-UPDATE: cloudflare.com")
2018-04-12 16:29:29 INFO Blacklisted: wblist=(2, 1, 'B')
2018-04-12 16:29:29 INFO [209.85.215.52] RCPT, my@gmail.com -> user1@mydomain, REJECT Blacklisted [sasl_username=, sender=my@gmail.com, client_name=mail-lf0-f52.google.com, reverse_client_name=mail-lf0-f52.google.com, helo=mail-lf0-f52.google.com, encryption_protocol=TLSv1.2, process_time=0.0533s]

4 Reply by rocklee44 (edited by rocklee44 2018-04-12 18:03:38)

  • rocklee44
  • Member
  • Offline
  • Registered: 2018-04-11
  • Posts: 3

Re: Amavisd blacklist action config

I have one more question, it is out of this topic scope.
I followed instruction here : https://docs.iredmail.org/active.directory.html to Integrate Microsoft Active Directory in iRedMail and I also tried Online Demo of the iRedAdmin-Pro , there are somethings make me confused :

-Account status support. Disable user in AD will cause this account disabled in iRedMail.

so I have to delete user mailbox folder in /var/vmail/vmail1/mydomain/user manually ?

Since AD uses different LDAP schema, you will lose some iRedMail special features. e.g.

    Per-user, per-domain service control with LDAP (e.g. enable/disable POP3/IMAP/SMTP services).
    Advanced mail polices implemented by iRedAPD which relies on iRedMail LDAP scheme.

So if I use iRedAdmin-Pro + Active Directory as backend :
- I cannot use feature "Advanced" in "Edit account profile" --> Profile of user: alpha@example.com ?
- which features that I cannot use in "Edit account profile" --> Profile of domain: example.com and Profile of user: alpha@example.com ? For ex: Forwarding , Relay , Aliases , Throtting , Greylisting , White/Blacklist , Spam Policy ?
- Does iRedMail preferred using OpenLDAP or SQL as backend then AD ?
- Does iRedMail has plan to support AD backend better in future roadmap ?
I find out it is inconvenient to manage iRedMail with AD backend , you should create an Online Demo of the iRedAdmin-Pro with AD backend so we can compare them before we decide to purchase.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: Amavisd blacklist action config

rocklee44 wrote:

so I have to delete user mailbox folder in /var/vmail/vmail1/mydomain/user manually ?

Yes.
With iRedMail + OpenLDAP, we have daily cron job to delete mailbox which belongs to removed account (you can select to keep the mailbox for how many days).

rocklee44 wrote:

So if I use iRedAdmin-Pro + Active Directory as backend :

iRedAdmin-Pro doesn't support AD, so you cannot run it with AD at all.