1

Topic: amavisd_wblist Not Blocking

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.5.1
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 20.04.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi

I followed the official guide for blacklisting ( https://docs.iredmail.org/manage.iredapd.html ):

- I added the plugin to /opt/iredapd/settings.py

# Enabled plugins.
plugins = ["reject_null_sender", "wblist_rdns", "reject_sender_login_mismatch", "greylisting", "throttle", "amavisd_wblist", "sql_alias_access_policy"]

- Added the mail account to the blacklist

$ python3 wblist_admin.py --add --blacklist test@domain.com

- then printed out the list of all blacklisted accounts and I can see my fresh entry.

$ python3 wblist_admin.py --list --blacklist
* Establishing SQL connection.
* List all inbound blacklist for account: @.
test@domain.com

But if I email me from the blacklisted account the mail will pass through without being blocked. Any suggestions, please?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team.

2

Re: amavisd_wblist Not Blocking

is it from same, local domain?

3

Re: amavisd_wblist Not Blocking

Cthulhu wrote:

is it from same, local domain?

Nope, it's from an external domain that is sending us harmful emails.

4

Re: amavisd_wblist Not Blocking

Please turn on debug mode in iRedAPD, then send a new testing email to trigger the verbose logging, extract full log of this testing email and paste here for troubleshooting.
FYI: https://docs.iredmail.org/debug.iredapd.html

5 (edited by alec 2022-05-09 18:17:56)

Re: amavisd_wblist Not Blocking

ZhangHuangbin wrote:

Please turn on debug mode in iRedAPD, then send a new testing email to trigger the verbose logging, extract full log of this testing email and paste here for troubleshooting.
FYI: https://docs.iredmail.org/debug.iredapd.html

I've turned on debug mode from settings.py and restarted the service as described in the guide.

Then I sent an email from the blocked account and received it anyway.

In the log I have only this:

May  9 10:08:09 mx iredapd Starting iRedAPD (version: 5.0.4, backend: pgsql), listening on 127.0.0.1:7777.
May  9 10:08:09 mx iredapd Loading plugin (priority: 100): reject_null_sender
May  9 10:08:09 mx iredapd Loading plugin (priority: 99): wblist_rdns
May  9 10:08:09 mx iredapd Loading plugin (priority: 90): reject_sender_login_mismatch
May  9 10:08:09 mx iredapd Loading plugin (priority: 80): greylisting
May  9 10:08:09 mx iredapd Loading plugin (priority: 60): throttle
May  9 10:08:09 mx iredapd Loading plugin (priority: 50): sql_alias_access_policy
May  9 10:08:09 mx iredapd Loading plugin (priority: 40): amavisd_wblist
May  9 10:08:09 mx iredapd Starting SRS sender rewriting channel, listening on 127.0.0.1:7778
May  9 10:08:09 mx iredapd Starting SRS recipient rewriting channel, listening on 127.0.0.1:7779

But it's from 2 hours ago. It seems that it didn't log anything.

6

Re: amavisd_wblist Not Blocking

Please show me output of command below, seems you don't have iRedAPD integrated in Postfix at all.

postconf smtpd_recipient_restrictions smtpd_end_of_data_restrictions

7

Re: amavisd_wblist Not Blocking

ZhangHuangbin wrote:

Please show me output of command below, seems you don't have iRedAPD integrated in Postfix at all.

postconf smtpd_recipient_restrictions smtpd_end_of_data_restrictions

That is what I thought in the first place as well.
This is the output of the command:

smtpd_recipient_restrictions = 
  reject_non_fqdn_recipient 
  reject_unlisted_recipient 
  check_policy_service inet:127.0.0.1:7777 
  permit_mynetworks 
  permit_sasl_authenticated 
  reject_unauth_destination 
  check_policy_service inet:127.0.0.1:12340

smtpd_end_of_data_restrictions = 
  check_policy_service inet:127.0.0.1:7777

8

Re: amavisd_wblist Not Blocking

Could you please turn on debug mode in iRedAPD, then try to reproduce the issue, and copy relevant iRedAPD log lines here for troubleshooting?
FYI: https://docs.iredmail.org/debug.iredapd.html

9 (edited by alec 2022-05-16 22:04:16)

Re: amavisd_wblist Not Blocking

I have already enabled debug mode in /opt/iredapd/settings.py :

# Log level: info, debug.
log_level = 'debug'

# Backend: ldap, mysql, pgsql.
backend = "pgsql"

# Enabled plugins.
plugins = ["reject_null_sender", "wblist_rdns", "reject_sender_login_mismatch", "greylisting", "throttle", "amavisd_wblist", "sql_alias_access_policy"]

Then restarted iredapd.service and postfix.service.
I also checked my blocked accounts with:

python3 wblist_admin.py --list --blacklist

and I sent a mail with my blocked account, and this shows up:

May 16 13:54:30 mx iredapd [SQL] Query result: []
May 16 13:54:30 mx iredapd No sender throttle setting.
May 16 13:54:30 mx iredapd Bypass recipient throttling (found sasl_username).
May 16 13:54:30 mx iredapd <-- Result: DUNNO
May 16 13:54:30 mx iredapd Skip plugin: sql_alias_access_policy (protocol_state != END-OF-MESSAGE)
May 16 13:54:30 mx iredapd Skip plugin: amavisd_wblist (protocol_state != END-OF-MESSAGE)
May 16 13:54:30 mx iredapd Session ended.