Action Object 'Block' returns 250 2.7.0 BLOCKED. Can this be changed?

Jul 19, 2019
11
1
3
Hi,

When we use the final action 'Block' in the rules, the following happens:

Aug 27 08:27:43 VCS00080 postfix/lmtp[54042]: DF93FE1159: to=<j.branderhorst@vpo.nl>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.7, delays=0.21/0/0.04/4.4, dsn=2.7.0, status=sent (250 2.7.0 BLOCKED (E12E55D64CD5B2A6FD))
As a result of this 250 return code, the sending SMTP server never will know that it is blocked.

Use case 1: I want to use LDAP to do a check if an email address exists. If not -> block it (I don't want to send an NDR of course zo Notifiy Sender is not an option).
Use case 2: I want to notify senders of e-mails containing spam that their e-mail is blocked due to spam content.

Is it possible to change this default behaviour? I want the Block Action here to return an 550 error, and possible with the correct reason why it was blocked.

Thanks in advance,

Jacco
 

tom

Proxmox Staff Member
Staff member
Aug 29, 2006
13,690
435
83
As a result of this 250 return code, the sending SMTP server never will know that it is blocked.
Such emails are already accepted (250). If you block inside your rule system, you cannot revert this.

Use case 1: I want to use LDAP to do a check if an email address exists. If not -> block it (I don't want to send an NDR of course zo Notifiy Sender is not an option).
Better use "Receiver Verification" - this check existing emails on SMTP level internally and if an email address is non-existing, you send a 450 error code to the sending server, so you do not expose detailed information to the spammers.

Use case 2: I want to notify senders of e-mails containing spam that their e-mail is blocked due to spam content.
You can add notification rules, but I do NOT recommend to reply to spam emails (most times you just generate bounces )
 
Jul 19, 2019
11
1
3
Thanks. Our previous system (Barracuda) did send those SMTP responses as 550 when e.g. mail was blocked due to spam content. So in that case no bounce was sent but the sending SMTP server was informed about this. Is it possible to do the same with Proxmox?
 

tom

Proxmox Staff Member
Staff member
Aug 29, 2006
13,690
435
83
Thanks. Our previous system (Barracuda) did send those SMTP responses as 550 when e.g. mail was blocked due to spam content. So in that case no bounce was sent but the sending SMTP server was informed about this. Is it possible to do the same with Proxmox?
Most Spam emails should be rejected on SMTP level (RBL, Greylisting, Receiver Verification, SPF,), so a 250 will never happens.
If emails are accepted by the Proxmox Mail Gateways, you have to deal with it in your rule system.

There is currently no Postfix Before-Queue Content Filter filtering out of the box in Proxmox Mail Gateway.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!