1

Topic: Problem disabling greylisting

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.9 OPENLDAP edition
- Deployed with iRedMail Easy or the downloadable installer? Download
- Linux/BSD distribution name and version:  Debian 9.9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I am trying to disable greylisting for @(all_subdomains).groupon.com. Using the greylisting_admin.py I disabled greylisting for '@.groupon.com', see below. However it's still being greylisted, see the iredapd.log below.

As I understand reading https://docs.iredmail.org/manage.iredapd.html and also the comments in greylisting_admin.py it should work. Am I doing something wrong?

root@genesis:/home/admin# /opt/iredapd/tools/greylisting_admin.py --list
Status   Sender                             -> Local Account                 
------------------------------------------------------------------------------
disabled bounce@infusionmail.com            -> @. (anyone)                   
disabled @bounce.r.livingsocial.com         -> @. (anyone)                   
disabled @.paypal.com                       -> @. (anyone)                   
disabled @.groupon.com                      -> @. (anyone)                   
enabled  @. (anyone)                        -> @. (anyone)                   

iredapd.log

Jul  6 04:23:49 genesis iredapd DEBUG: [policy] request=smtpd_access_policy
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] protocol_state=RCPT
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] protocol_name=ESMTP
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] client_address=50.115.222.78
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] client_name=mta78s3.r.groupon.com
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] client_port=21815
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] reverse_client_name=mta78s3.r.groupon.com
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] helo_name=mta78s3.r.groupon.com
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] sender=6612a790-24a1-11e2-8854-00259069d5fe@bounce.r.groupon.com
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] recipient=me@mydomain.com
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] recipient_count=0
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] queue_id=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] instance=64f8.5d2084c4.e2ac2.0
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] size=0
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] etrn_domain=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] stress=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] sasl_method=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] sasl_username=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] sasl_sender=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] ccert_subject=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] ccert_issuer=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] ccert_fingerprint=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] ccert_pubkey_fingerprint=
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] encryption_protocol=TLSv1.2
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] encryption_cipher=ECDHE-RSA-AES256-GCM-SHA384
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] encryption_keysize=256
Jul  6 04:23:49 genesis iredapd DEBUG: [policy] policy_context=
Jul  6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: reject_null_sender
Jul  6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul  6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: wblist_rdns
Jul  6 04:23:49 genesis iredapd DEBUG: All policy rDNS names: ['mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com']
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] Query whitelisted rDNS names: #012SELECT rdns#012
         FROM wblist_rdns#012              WHERE rdns IN ('mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com') AND wb='W'#012              LIMIT 1
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] Query blacklisted rDNS names: #012SELECT rdns#012     
         FROM wblist_rdns#012              WHERE rdns IN ('mta78s3.r.groupon.com', '.mta78s3.r.groupon.com', '.r.groupon.com', '.groupon.com', '.com') AND wb='B'#012              LIMIT 1
Jul  6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul  6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: reject_sender_login_mismatch
Jul  6 04:23:49 genesis iredapd DEBUG: Not an authenticated sender (no sasl_username).
Jul  6 04:23:49 genesis iredapd DEBUG: Sender domain is NOT hosted locally.
Jul  6 04:23:49 genesis iredapd DEBUG: Sender domain is not hosted locally, dunno.
Jul  6 04:23:49 genesis iredapd DEBUG: <-- Result: DUNNO
Jul  6 04:23:49 genesis iredapd DEBUG: --> Apply plugin: greylisting
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] Query greylisting whitelists from `greylisting_whitelist_domain_spf`: #012SELECT sender#012                   FROM greylisting_whitelist_domain_spf#012
              WHERE account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] Query greylisting whitelists from `greylisting_whitelists`: #012SELECT sender#012                   FROM greylisting_whitelists#012                  WHERE
account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')
Jul  6 04:23:49 genesis iredapd DEBUG: [50.115.222.78] Client is not explictly whitelisted.
Jul  6 04:23:49 genesis iredapd DEBUG: No whitelist found.
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] query greylisting settings: #012SELECT id, account, sender, sender_priority, active#012               FROM greylisting#012              WHERE account IN ('me@mydomain.com', '@mydomain.com', '@.', '@.mydomain.com', '@.com')#012              ORDER BY priority DESC, sender_priority DESC
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] query result: [(19L, '@.', 'bounce@infusionmail.com', 100, 0), (17L, '@.', '@bounce.r.livingsocial.com', 60, 0), (21L, '@.', '@.paypal.com', 50, 0), (23L, '@.', '@.groupon.com', 50, 0), (11L, '@.', '@.', 0, 1)]
Jul  6 04:23:49 genesis iredapd DEBUG: Greylisting should be applied according to SQL record: (id=11, account='@.', sender='@.')
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] check whether client address (50.115.222.78) passed greylisting: #012SELECT id#012               FROM greylisting_tracking#012              WHERE client_address='50.115.222.78'#012                    AND passed=1#012              LIMIT 1
Jul  6 04:23:49 genesis iredapd DEBUG: Client address (50.115.222.78) didn't pass greylisting.
Jul  6 04:23:49 genesis iredapd DEBUG: [SQL] query greylisting tracking: #012SELECT init_time, blocked_count, block_expired, record_expired#012               FROM greylisting_tracking#012
WHERE sender='6612a790-24a1-11e2-8854-00259069d5fe@bounce.r.groupon.com'#012                    AND
recipient='me@mydomain.com'#012                    AND client_address='50.115.222.78'#012
      LIMIT 1
Jul  6 04:23:49 genesis iredapd INFO: [50.115.222.78] Client has not been seen before, greylisted.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Problem disabling greylisting

Confirmed it's a bug of iRedAPD, please apply this fix and try again:
https://bitbucket.org/zhb/iredapd/commi … 8b537ffbf3

3

Re: Problem disabling greylisting

Thank you. I applied the fix and it is now working, see log entry below.

I am liking your implementation of greylisting in iredapd. We used to get anywhere from 200 to 300 spam mails per day. With the combo of iredapd greylisting and amavisd blacklisting I am able to cut that down to about 10 to 20 and most of it is caught by Spamassassin.

Jul  7 04:19:35 genesis iredapd DEBUG: Greylisting should NOT be applied according to SQL record: (id=27, account='@.', sender='@.groupon.com')