1

Topic: sogo/amavis blacklist/whitelist priority

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v0.9.8
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? Not yet
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello, newly installed server, v0.9.8. Working well, no issues, send/receive ok. (technically, not receiving yet, secondary mx. Sends no issue)
Wanted to be very restrictive, internal server only, send receive from one domain only (separate service)

Method selected was to blacklist/whitelist in Amavis (included with the standard iredmail install)
Understand there are outbound and inbound black/whitelists

added @. to blacklists (all users)
added alloweddomain.com to whitelists

Roundcube works perfectly, exactly as expected

Sogo appears to have an issue, perhaps applying the lists out of order?

If I set the INBOUND list to @. then try to SEND and email from sogo, fails
"Cannot send message: all recipients are invalid."

maillog:
Jun 15 20:09:51 mx postfix/postscreen[10139]: CONNECT from [127.0.0.1]:47762 to [127.0.0.1]:25
Jun 15 20:09:51 mx postfix/postscreen[10139]: WHITELISTED [127.0.0.1]:47762
Jun 15 20:09:51 mx postfix/smtpd[10140]: connect from localhost[127.0.0.1]
Jun 15 20:09:52 mx postfix/smtpd[10140]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 5.7.1 <d.lee@alloweddomain.com>: Recipient address rejected: Blacklisted; from=<postmaster@iredmailserverdomain.com> to=<d.lee@alloweddomain.com> proto=ESMTP helo=<localhost>
Jun 15 20:09:52 mx postfix/smtpd[10140]: disconnect from localhost[127.0.0.1]

Any ideas?

If I remove blacklist @. everything works again.

Sogo, for the Activesync

thankyou

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: sogo/amavis blacklist/whitelist priority

Isn't it working as expected? except that SOGO error message is not clear.

3

Re: sogo/amavis blacklist/whitelist priority

ZhangHuangbin wrote:

Isn't it working as expected? except that SOGO error message is not clear.

documentation mention priority of whitelist over blacklist; so if we blacklist everything and whitelist one thing, then that one thing is all that should be allowed?

Sogo also appears to be picking up the inbound blacklist when sending email, rather than the outbound list?

What I don't understand is why sogo would behave differently to roundcube?

4

Re: sogo/amavis blacklist/whitelist priority

d.lee wrote:

documentation mention priority of whitelist over blacklist; so if we blacklist everything and whitelist one thing, then that one thing is all that should be allowed?

Correct.

My fault that i misunderstood your first post (the sogo part). Could you please turn on debug mode in iRedAPD and reproduce the issue with SOGo again? extract all iRedAPD log related to this testing and paste here.

FYI: https://docs.iredmail.org/debug.iredapd.html