Recent content by osgit

I setup a new Mail Filter Rule to quarantine, however, when I enable the rule, it seems like the quarantine breaks. Everything starts coming through. Not sure how to proceed in diagnosing the issue. The current Spam Level 3 works fine, just not when I flip over to my Spam Level 4.

Hrm, ok. I switched back to unbound, so it seems like basically toggling from unbound > dnsmasq > unbound toggled something. Maybe a UI bug or something... It looks like it's resolving correctly now using unbound. dig 216.71.140.81._i.hiscoinc.com._d.espf.dmp.cisco.com ; <<>> DiG...

So I temporarily flipped pfsense over to DNSMASQ, rather than unbound and it's working... I'm going to have to poke at unbound to see what might be causing it not to resolve properly... dig 216.71.140.81._i.hiscoinc.com._d.espf.dmp.cisco.com ; <<>> DiG 9.16.27-Debian <<>>...

Makes sense, here is that output. dig 216.71.140.81._i.hiscoinc.com._d.espf.dmp.cisco.com ; <<>> DiG 9.16.27-Debian <<>> 216.71.140.81._i.hiscoinc.com._d.espf.dmp.cisco.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12190 ;; flags: qr rd ra...

Here is the log: Aug 29 07:55:51 smtp postfix/smtpd[40934]: connect from esa2.hc2841-9.iphmx.com[216.71.140.81] Aug 29 07:55:51 smtp postfix/smtpd[40934]: Anonymous TLS connection established from esa2.hc2841-9.iphmx.com[216.71.140.81]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256...

That was the incorrect link, I edited the post with the correct link. The domain is hiscoinc.com.

I have another one, same issue as the chrobinson.com one, the IP is covered by the SPF record as well. https://mxtoolbox.com/SuperTool.aspx?action=spf%3ahiscoinc.com%3a216.71.140.81&run=toolpage I have the DNS rebind disabled in pFsense as well.

Yeah, I looked closer after posting and saw that as well. Forgot to edit my post.

Getting the issue with another domain now as well: Domain: medline.com SPF Record: medline.com. 1800 IN TXT "v=spf1 mx a ip4:205.233.244.245 ip4:205.233.245.135 ip4:205.233.245.77 include:_spf-a.medline.com include:_spf-b.medline.com include:_spf-c.medline.com -all" Aug...

Sure, here is the response: dig 68.232.131.43.spf.hc4187-23.iphmx.com ; <<>> DiG 9.16.27-Debian <<>> 68.232.131.43.spf.hc4187-23.iphmx.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12400 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0...

So I got two emails from this domain and they were both rejected. Jul 22 07:50:00 smtp postfix/smtpd[162078]: connect from esa.hc4187-23.iphmx.com[68.232.131.43] Jul 22 07:50:01 smtp postfix/smtpd[162078]: Anonymous TLS connection established from esa.hc4187-23.iphmx.com[68.232.131.43]: TLSv1.2...

I disabled DNS Rebind Check for testing purposes. I'll let you know what happens the next time I receive an email from them and report back the results. Thank you. :)

I have put those fixes in place for quite sometime, is there something specific to this? server: private-address: 127.0.0.0/8 private-domain: "zen.spamhaus.org" private-domain: "bl.spamcop.net" private-domain: "psbl.surriel.com" private-domain: "spamrbl.imp.ch" private-domain...

Here you go: pmgversion -v proxmox-mailgateway: 7.1-1 (API: 7.1-3/4c093c92, running kernel: 5.13.19-6-pve) pmg-api: 7.1-3 pmg-gui: 3.1-3 pve-kernel-helper: 7.2-3 pve-kernel-5.13: 7.1-9 pve-kernel-5.4: 6.4-15 pve-kernel-5.13.19-6-pve: 5.13.19-15 pve-kernel-5.4.174-2-pve: 5.4.174-2...

I have an issue when Mail Gateway is set to Use SPF, that it doesn't seem to work correctly to allow the following domain with a more specialized SPF record where they are using this for example: exists:%{i}.spf.hc4187-23.iphmx.com. Do you have any workaround, other than whitelisting their...