How to add a domain and all sub-domains into the Blacklist

N

nick

Renowned Member
Mar 28, 2007
364
1
83
Hi everyone,

I have an issue with Blacklist; I try to block a domain and all sub-domain but with no results. What I do:

1) in blacklist I add the domain: Example: domain.com - I will put the real domain here - but the mails still arrive with no problems.
2) I try to add a second domain with *.domain.com but the PMG return error: Error: Invalid Domain Data. In Blacklist I have similar rules and work. These domains was added long time ago.

What I should do to create the correct rule? I don't want to block the entire IP class.

Thank you for help!

My PMG version is:
Version (package/version/build)proxmox-mailgateway/3.1/5829
 
are only 2 examples; uselss for me...

TypeValue
dyngraph.pl
ip.gif
IP Network10.11.11.0/255.255.255.240
dyngraph.pl
mail.gif
Mail addressnomail@fromthisdomain.com
 
the example show the way to do this.

if it does not work, you have probably a wrong rule setup. I suggest you open a support ticket on my.proxmox.com and attach your config- then our support can tell you whats wrong in your rule.
 
Hi Tom, thank you for your feedback!

Until now, we block a domain (and all dub-domains) with rule *.domain.com
now, this role is not accepted anymore, but the old rules are still active.

Why the option Add Domain still active if we can not block an entire domain (and all sub-domains). I can now block mail by mail and also I can not block IP's! If 2 companies use the same ISP and the same mail server, if I block the IP's, I block them both...and it's not correct! I have these king of incidents before...so I want to avoid these situations.
 
again, if you can't figure it out open a support ticket as suggested. if your rule does not work, its very likely that you have a configuration error in your rules.
 
OK, I know that it's a little bit off topic, but how I open a ticket? Please send me a link!
 
How to add a domain and all sub domains into the Blacklist

Thats a nice way But can be there some problems in future with updating vivvo? thanks
 
Hi,

A good solution to block any dns domain is to create in your own dns server a fake authority dns entry for such cases, like:
.domain.com -> 127.0.0.7
And you get 2 advantage:
- dns querry are cached, so the resurrce impact on smtp server is minimal(the blocked domain wil be rejected at helo level of smtp conversation )
- if you use several smtp servers with the same dns servers, you need to add only one record and all your smat servers will used
 
  • Like
Reactions: Plaintext
Hi,

For named/bind or dnsmasq I can share some example if you need. Dnsmasq is more easy for this kind of task. Also on Internet are many blacklists who can be used for import in your dns server.
 
guletz said:
Hi,

For named/bind or dnsmasq I can share some example if you need. Dnsmasq is more easy for this kind of task. Also on Internet are many blacklists who can be used for import in your dns server.
Click to expand...

I can block IPs, but PMG doesn't care if senders domains resolves to 127.0.0.x it seems. Could you give an example/hint?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back