[SOLVED] Global Blacklist Not Working

U

utkonos

Active Member
Proxmox Subscriber
Apr 11, 2022
149
36
33
I have added one email address to the global blacklist, but even after a reboot, mail sent to that email address is being accepted and placed in quarantine (it is spam and getting flagged as such).

Is there something that needs to be done to use global blacklist beyond the following:

Mail Filter > Who Objects > Blacklist > Add > E-Mail:
E-Mail: deademail@example.com

This is the highest priority rule:

1672275387117.png

Log entries from pmg-smtp-filter are the following:

Code: 
SA score=5/5 time=0.919 bayes=undefined autolearn=no autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),MISSING_DATE(1.396),RAZOR2_CF_RANGE_51_100(2.43),RAZOR2_CHECK(1.729),RCVD_IN_DNSWL_NONE(-0.0001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),URIBL_BLOCKED(0.001)
moved mail for <deademail@example.com> to spam quarantine (rule: Quarantine/Mark Spam (Level 3))
processing time: 0.974 seconds (0.919, 0.036, 0)
 
Thanks so much. I think that's exactly the problem. I have put that email address into a new Who Object and added that Who Object to the Blacklist rule as a "To". Hopefully I'm not doing it wrong.

1672277573882.png

The documentation is not clear on how "To" and "From" interact when they are in the same rule. Are they AND or OR together? The documentation says the following:

"These types of objects can be used for the TO and/or FROM category, and match the sender or recipient of the email."

This sentence is ambiguous as to whether these objects are ANDed together or ORed together.
 
It turns out that "To" and "From" in a single rule are joined together with "AND" rather than "OR" (or there is something else going on, but either way, putting them both in one results in a condition where the rule is ignored or at least the resulting condition is not able to be met in the way I would expect.

The correct way to block is to have a single rule with a "Block" action object and a "To" who object. This results in the addresses on the "To" list being blocked as expected.

1672331175401.png

I made an Inbound Blacklist separate from the builtin Blacklist because its used differently and the addresses are internal not external.

The above works.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back