The domain is on a blacklist, but it still goes through.

microage · Friday at 13:51

Hi everyone, I have a question regarding PMG configuration and blacklists. I have a domain on the blacklist, but for some reason the server is still allowing messages from that domain through. It’s not on the whitelist, nor is the IP address, etc.

The issue only affects this one specific domain out of many. Any idea where I should look for the problem?
Log:

2026-05-07T10:19:31.247992+02:00 mx postfix/smtpd[737803]: connect from cloudserver3233881-3233912.home.pl[46.242.244.190]
2026-05-07T10:19:31.308148+02:00 mx postfix/smtpd[737803]: Anonymous TLS connection established from cloudserver3233881-3233912.home.pl[46.242.244.190]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
2026-05-07T10:19:31.380842+02:00 mx postfix/smtpd[737803]: 5CDCA4C305C: client=cloudserver3233881-3233912.home.pl[46.242.244.190]
2026-05-07T10:19:31.392705+02:00 mx postfix/cleanup[737806]: 5CDCA4C305C: message-id=<14fb01dcddfa$36da4930$a48edb90$@trainingmed.pl>
2026-05-07T10:19:31.653396+02:00 mx postfix/qmgr[530122]: 5CDCA4C305C: from=<tymochowicza@trainingmed.pl>, size=2189459, nrcpt=2 (queue active)
2026-05-07T10:19:31.653674+02:00 mx postfix/smtpd[737803]: disconnect from cloudserver3233881-3233912.home.pl[46.242.244.190] ehlo=2 starttls=1 mail=1 rcpt=2 data=1 quit=1 commands=8
2026-05-07T10:19:31.779762+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: new mail message-id=<14fb01dcddfa$36da4930$a48edb90$@trainingmed.pl>
2026-05-07T10:19:34.627675+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: SA score=0/5 time=1.417 bayes=undefined autolearn=disabled hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),DMARC_MISSING(0.1),HTML_MESSAGE(0.001),KAM_EU(0.5),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001)
2026-05-07T10:19:34.634966+02:00 mx postfix/smtpd[737438]: connect from localhost.localdomain[127.0.0.1]
2026-05-07T10:19:34.636460+02:00 mx postfix/smtpd[737438]: 9B57D4C31BB: client=localhost.localdomain[127.0.0.1], orig_client=cloudserver3233881-3233912.home.pl[46.242.244.190]
2026-05-07T10:19:34.641139+02:00 mx postfix/cleanup[737488]: 9B57D4C31BB: message-id=<14fb01dcddfa$36da4930$a48edb90$@trainingmed.pl>
2026-05-07T10:19:34.782988+02:00 mx postfix/qmgr[530122]: 9B57D4C31BB: from=<tymochowicza@trainingmed.pl>, size=2190346, nrcpt=2 (queue active)
2026-05-07T10:19:34.783222+02:00 mx postfix/smtpd[737438]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=2 data=1 commands=6
2026-05-07T10:19:34.783500+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: accept mail to <********************> (9B57D4C31BB) (rule: default-accept)
2026-05-07T10:19:34.783658+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: accept mail to <**********************> (9B57D4C31BB) (rule: default-accept)
2026-05-07T10:19:34.794057+02:00 mx postfix/smtp[737094]: Untrusted TLS connection established to 192.168.22.22[192.168.22.22]:2525: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
2026-05-07T10:19:34.797914+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: processing time: 3.053 seconds (1.417, 1.416, 0)
2026-05-07T10:19:34.798434+02:00 mx postfix/lmtp[737809]: 5CDCA4C305C: to=<**********************>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.32/0/0.04/3.1, dsn=2.5.0, status=sent (250 2.5.0 OK (4C31AF69FC4B13AA391))
2026-05-07T10:19:34.838612+02:00 mx postfix/lmtp[737809]: 5CDCA4C305C: to=<**********************>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.32/0/0.04/3.1, dsn=2.5.0, status=sent (250 2.5.0 OK (4C31AF69FC4B13AA391))
2026-05-07T10:19:34.839993+02:00 mx postfix/qmgr[530122]: 5CDCA4C305C: removed
2026-05-07T10:19:35.051381+02:00 mx postfix/smtp[737094]: 9B57D4C31BB: to=<**********************>, relay=192.168.22.22[192.168.22.22]:2525, delay=0.42, delays=0.15/0/0.03/0.24, dsn=2.6.0, status=sent (250 2.6.0 <14fb01dcddfa$36da4930$a48edb90$@trainingmed.pl> [InternalId=76532022247724, Hostname=VSRV-EXC2019-DS.SNK.local] 2191184 bytes in 0.205, 10411.203 KB/sec Queued mail for delivery)
2026-05-07T10:19:35.051542+02:00 mx postfix/smtp[737094]: 9B57D4C31BB: to=<**********************>, relay=192.168.22.22[192.168.22.22]:2525, delay=0.42, delays=0.15/0/0.03/0.24, dsn=2.6.0, status=sent (250 2.6.0 <14fb01dcddfa$36da4930$a48edb90$@trainingmed.pl> [InternalId=76532022247724, Hostname=VSRV-EXC2019-DS.SNK.local] 2191184 bytes in 0.205, 10411.203 KB/sec Queued mail for delivery)
2026-05-07T10:19:35.052618+02:00 mx postfix/qmgr[530122]: 9B57D4C31BB: removed

ivenae · Friday at 19:08

2026-05-07T10:19:34.783500+02:00 mx pmg-smtp-filter[737784]: 4C31AF69FC4B13AA391: accept mail to <********************> (9B57D4C31BB) (rule: default-accept)

This domain is not on your blocklist, or the blocklist action rule is deactivated.

MKle · 2026-05-11T17:29:58+0200

I was long confused by the different block lists on PMG.
See the manual.
Items need to be added to Mail Filter>Who Objects:Blocklist.

microage · 2026-05-12T13:18:51+0200

This config is correct? Should there be commas in the verses?

smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
reject_non_fqdn_recipient
check_recipient_access
regexp:/etc/postfix/rcptaccess
check_sender_access
regexp:/etc/postfix/senderaccess
check_client_access
cidr:/etc/postfix/clientaccess
check_policy_service
inet:127.0.0.1:10022
reject_unknown_recipient_domain
reject_unverified_recipient

microage · 2026-05-12T13:20:46+0200

MKle said:
I was long confused by the different block lists on PMG.
See the manual.
Items need to be added to Mail Filter>Who Objects:Blocklist.

That's where the domain is added. Mail Filter is set to block accordingly.

Search

Search

The domain is on a blacklist, but it still goes through.

microage

New Member

ivenae

Well-Known Member

MKle

New Member

microage

New Member

microage

New Member

We value your privacy