how to whitelist email

InGenetic · Sep 26, 2022

Hi all,
please help, how to whitelist 2 email below , i try to add this domain / email address in "who"=>"whitelist" object dan in "whitelist" on mail proxy (icha@karyaprimasuplindo.co.id & joan@morseals.com) but it doesn't work , it always quarantine by pmg . below 2 header email of those email :

1. email from : icha@karyaprimasuplindo.co.id
header :

Code:

Delivered-To: iwan.ruswandi@mydomain.com

Return-Path: prvs=12680122cd=iwan@pthidroflex.com

Received: from mydomain2.com (mydomain2.com [103.20.189.23])

by antispam.humantechno.co.id (Proxmox) with ESMTP id 9A9CD2664B

for <iwan.ruswandi@mydomain.com>; Mon, 26 Sep 2022 10:11:29 +0700 (WIB)

X-MDAV-Result: clean

X-MDAV-Processed: mydomain2.com, Mon, 26 Sep 2022 10:10:27 +0700

Authentication-Results: mydomain2.com;

spf=none smtp.mailfrom=icha@karyaprimasuplindo.co.id;

dkim=pass (good signature) header.d=yahoo.com header.b=GBZHiJ0Ox0;

iprev=pass policy.iprev=66.163.187.39 (PTR sonic308-16.consmr.mail.ne1.yahoo.com);

iprev=pass policy.iprev=66.163.187.39 (HELO sonic308-16.consmr.mail.ne1.yahoo.com);

iprev=fail policy.iprev=66.163.187.39 reason="does not match" (MAIL icha@karyaprimasuplindo.co.id)

Received: from sonic308-16.consmr.mail.ne1.yahoo.com (sonic308-16.consmr.mail.ne1.yahoo.com [66.163.187.39])

by mydomain2.com (115.85.74.133) (MDaemon PRO v18.0.2) with ESMTP id 23-md50000027330.msg;

Mon, 26 Sep 2022 10:10:26 +0700

X-Spam-Processed: mydomain2.com, Mon, 26 Sep 2022 10:10:26 +0700

(not processed: sender in recipient's private address book)

X-MDDKIM-Result: unapproved (mydomain2.com)

X-MDRemoteIP: 66.163.187.39

X-MDHelo: sonic308-16.consmr.mail.ne1.yahoo.com

X-MDArrival-Date: Mon, 26 Sep 2022 10:10:26 +0700

X-Rcpt-To: iwan@pthidroflex.com

X-MDRcpt-To: iwan@pthidroflex.com

X-Envelope-From: icha@karyaprimasuplindo.co.id

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1664161815; bh=pxhEcLAism5cfeueXUhIyCbPgh4jY8a9cCBfPihJWNw=; h=From:To:Cc:References:In-Reply-To:Subjectate:From:Subject:Reply-To; b=GBZHiJ0Ox0vyVK7ehScYTOaJ1w6JP83+wCbxhuyxChIZmWRGcKAywUirmP//sV0C+uBBOpXNYvm0MDQjKQGlizZs/zki8iXMWrjgMovSPOSNV7ivwzIYt3SHd+Z5UjpgUNsDUyEiplvSO+d4fgvHc4i40A8/yR7KCod/yqIa0LII6YrUx/9T3gnBrBbprVANHwYvbHyJ/V8xprWRqUi5IUUnOKK/raEbAu6k4YDz3PvLIv7QGztgay/GuhsPUuroFzMcGujHcsHZifB+9bMYKYwahVLKQTo2ghdm/pB+T9d8sy+RM5BzBVTURzdxcP/m01HR5bEQCsRSF+Ky6VtU9A==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1664161815; bh=EYSljCz9uUcKNCaZxLcob3ptpJcz0xO1T7Dq9DrjLIv=; h=X-Sonic-MF:From:To:Subjectate:From:Subject; b=icUadROAinVszhwpLToPc/Rfe3/jhPXEfIniD1GlMHm378MVbDHgNipTo3T/52IaxJcSjpHvYOZWve/nYGc/vNUn+ELIGH2s9vq0D8DU+DjK6WQkRObW073qT9NYDFR53tm3Na0Om3VUExkEit54bK+yfILXJdzpk9hHtgFYCKgmsrZv7go/kEi3Wg3deHuguGACgn1FJFYbZNDns9ymt8+XSzw5lGhE9MvyP3vQDCQTb+GA1flgEWzqfbEvnK/jsdT3iCEYf7QM0mk6MiJkVX3pO1nchFWTLe+c6Xo4rmizwpCmB4fcuzGbRNFHoo1vGxIDQtcEy8RGNWrbxn4oWg==

X-YMail-OSG: 5vRkmWoVM1lnRbkm5MDeFmoyBkreI5I0lMM_KZAORZrxepVkwvYRGjI0seYYx32

azonWLQvElFdCDGffHYTML_wA9dgvKHirCHrpO614bWMUwU7yCcE8D1NmWP4ARxVjLaVQFGuuS.A

MWSpfl9xL3YGBJkCSmCQoSmkXVDxLNSjtERYO1cRhvFjU4XgVFhx80CL274dAovYSFZhRwUIrcm4

.2UeiwildIjW1LeSSYWjErgRtFYtM0MGac67LDd0iC4eSGNaBi7X12LGINg6cbZw7ruY0RFqFF4J

XUu_GgPJL3IDUeSU0.xTrxSYlMWbvNbIyJh08GPc6opy2Ahv2yWbTTnBh8wKB9BFAS.cwhXcfCny

k5z.HwBtP7yrrAKFPfSp2SaY9uAJkc6tJOfoHdMkOYukjg8dTaRGGWCekODNLu.WcMJflUS7K2fF

p05W9AKuySu_vyyf_xweS4YeC63.A85.02wuswO6E1wiLkkklyl.VpM_06Vlg6g4vpaePsQcTo5v

KfgJgTdlMra4Waj2gwhKvEL5mBBhadCCDnCxrD4Xg1Sbc0wjMbEKTd1meNuIvbq4eBIoaNeIMHfE

o9oyIAMNjULJuMzeqpzRWY9b9nNK_iuQZXksk2gWCp80jIDuRD2SglSaGfaDQs8LFHZrgAM7sGDT

zBpTBEvpcOLmcmnqqF3k.rbLj89O5LJwt1ldY_hrLPtrRFz1Eb4tdsYf8pFYEEJ9IS.RQbcENFuf

2. from : joan@morseals.com
hearder :

Code:

Delivered-To: lucky.tendean@mydomain.com
style='color:black'>Return-Path: joan@morseals.com
style='color:black'>Received: from mailrelay4.pub.mailoutpod1-cph3.one.com (mailrelay4-3.pub.mailoutpod1-cph3.one.com [46.30.212.13])
style='color:black'>        by antispam.humantechno.co.id (Proxmox) with ESMTPS id 8BA3C191CF
style='color:black'>        for <lucky.tendean@mydomain.com>; Thu, 22 Sep 2022 14:47:05 +0700 (WIB)
style='color:black'>Received: from mailrelay6.pub.mailoutpod2-cph3.one.com (mailrelay6.pub.mailoutpod2-cph3.one.com [104.37.34.11])
style='color:black'>        by mailrelay4.pub.mailoutpod1-cph3.one.com (Halon) with ESMTPS
style='color:black'>        id bb1ca5db-3a4a-11ed-824f-d0431ea8bb10;
style='color:black'>        Thu, 22 Sep 2022 07:46:55 +0000 (UTC)
style='color:black'>DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
style='color:black'>        d=morseals.com; s=rsa1;
style='color:black'>        h=content-type:message-id:mime-version:references:subject:cc:to:from:date:from;
style='color:black'>        bh=sI0yj+XVU3qh1ZmyGR+9uI94wPfpyL17LPVq9IkTDmg=;
style='color:black'>        b=Nzl4joJW+GbBz/ugExao1KUtMmrTeznJzXxAWIhxtwUTCXE5NgqiJRYkemDmSwlQYYSYdt8v9L1kP
style='color:black'>         b6wRPkLVN2Ob3YPyCD88DlFia3BIaXBOkcmU5ewgaoy9dTh7KOFklVS+2icsWl8c1P8ntC3e+GSRxy
style='color:black'>         BRFChu8WRk8iZ0xd1bDnRo3CdMrnn/ua3dNovrK/be5wVoi2GSXiHhOyEKux0TyY8o6DllmU9yOPse
style='color:black'>         /0C1PJEPVboBPBllOV7we4GIvOz/n/JRRdkjYw6xzmuFgYci2ZWKZv7S0DvwWOnT6vbfLtXg1yanaz
style='color:black'>         z7ncbndGOqrYII2rxwIHocIBc2M4BlA==
style='color:black'>DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed;
style='color:black'>        d=morseals.com; s=ed1;
style='color:black'>        h=content-type:message-id:mime-version:references:subject:cc:to:from:date:from;
style='color:black'>        bh=sI0yj+XVU3qh1ZmyGR+9uI94wPfpyL17LPVq9IkTDmg=;
style='color:black'>        b=jp6OVvdGoY0dZFUU1bOBgBDFnWWjSKLW7EAS/Cx0JzEPc7QMNhNqesztB1KebrfS1TH4jkrCZjb7C
style='color:black'>         D4gUAZOAQ==
style='color:black'>X-HalOne-ID: b705a9dd-3a4a-11ed-8a86-2b87a77a1019
style='color:black'>Received: from DESKTOP-386TEA3 (unknown [119.4.177.255])
style='color:black'>        by mailrelay6 (Halon) with ESMTPSA
style='color:black'>        id b705a9dd-3a4a-11ed-8a86-2b87a77a1019;
style='color:black'>        Thu, 22 Sep 2022 07:46:53 +0000 (UTC)
style='color:black'>Date: Thu, 22 Sep 2022 15:46:52 +0800
style='color:black'>From: "joan@morseals.com" <joan@morseals.com>
style='color:black'>To: "Nurul Arifah" <nurul@mydomain.com>
style='color:black'>Cc: "'Fransiscus Ardian Saksono'" <fransiscus@mydomain.com>,
style='color:black'>        "ferial@mydomain.com" <ferial@mydomain.com>,
style='color:black'>        "lucky.tendean@mydomain.com" <lucky.tendean@mydomain.com>,
style='color:black'>        "'Ruby Nugraha'" <ruby@mydomain.com>
style='color:black'>Subject: Re: RE: TGS = PO  001393// TE 001688// JKT//Inquiry Single Spring 90mm
style='color:black'>References: <001301d8ab9b$82decdf0$889c69d0$@mydomain.com>,
style='color:black'>        <202208091249050732331@morseals.com>,
style='color:black'>        <003501d8ac65$552bae30$ff830a90$@mydomain.com>,
style='color:black'>        <202208101137517006495@morseals.com>,
style='color:black'>        <00ab01d8ad5c$20cafcc0$6260f640$@mydomain.com>,
style='color:black'>        <202208131056033882246@morseals.com>,
style='color:black'>        <00f201d8bb78$bc20de90$34629bb0$@mydomain.com>,
style='color:black'>        <202208291719493498816@morseals.com>,
style='color:black'>        <007201d8c0e2$01cc0780$05641680$@mydomain.com>,
style='color:black'>        <202209051327162341041@morseals.com>,
style='color:black'>        <001201d8c653$c37b1bc0$4a715340$@mydomain.com>,
style='color:black'>        <202209121453573508232@morseals.com>,
style='color:black'>        <006d01d8c675$dad82020$90886060$@mydomain.com>,
style='color:black'>        <202209121506448987275@morseals.com>,
style='color:black'>        <002f01d8c978$57f6f310$07e4d930$@mydomain.com>,
style='color:black'>        <202209161101133898991@morseals.com>,
style='color:black'>        <004a01d8cbd2$549792e0$fdc6b8a0$@mydomain.com>,
style='color:black'>        <202209191204433191261@morseals.com>,
style='color:black'>        <007b01d8ce3e$3c92fdb0$b5b8f910$@mydomain.com>
style='color:black'>X-Priority: 3
style='color:black'>X-GUID: A88F8831-1839-4069-92C0-768FE9A82478
style='color:black'>X-Has-Attach: no
style='color:black'>X-Mailer: Foxmail 7.2.23.121[cn]
style='color:black'>Mime-Version: 1.0
style='color:black'>Message-ID: <20220922154650110738398@morseals.com>
style='color:black'>Content-Type: multipart/related;
style='color:black'>        boundary="----=_001_NextPart614470413278_=----"

Thank you.

Regards,

Stoiko Ivanov · Sep 26, 2022

Please share the logs from PMG of the mails which are in quarantine, and which should get whitelisted (as text in code blocks)
Thanks!

InGenetic · Sep 26, 2022

Stoiko Ivanov said:
Please share the logs from PMG of the mails which are in quarantine, and which should get whitelisted (as text in code blocks)
Thanks!

Hi Stoiko Ivanov,

Please inform me command to check pmg log from shell.

Thx n regards,

Stoiko Ivanov · Sep 26, 2022

* you can see the systemlogs with journalctl - see `man journalctl` for information on journalctl
* else in that case it should also work to find the mail in the Tracking Center (GUI->Administration) and post the logs from there

InGenetic · Sep 27, 2022

Stoiko Ivanov said:
* you can see the systemlogs with journalctl - see `man journalctl` for information on journalctl
* else in that case it should also work to find the mail in the Tracking Center (GUI->Administration) and post the logs from there

noted, here is mr.Stoiko Ivanov :

1. joan@morseals.com

Code:

Sep 26 10:10:24 antispam postfix/smtpd[481085]: connect from sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39]
Sep 26 10:10:26 antispam postfix/smtpd[481085]: F18CD26597: client=sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39]
Sep 26 10:10:27 antispam postfix/cleanup[480928]: F18CD26597: message-id=<000001d8d155$b378bf90$1a6a3eb0$@karyaprimasuplindo.co.id>
Sep 26 10:10:30 antispam postfix/qmgr[310008]: F18CD26597: from=<icha@karyaprimasuplindo.co.id>, size=438848, nrcpt=1 (queue active)
Sep 26 10:10:30 antispam pmg-smtp-filter[481095]: 26601633118264CA27: new mail message-id=<000001d8d155$b378bf90$1a6a3eb0$@karyaprimasuplindo.co.id>#012
Sep 26 10:10:30 antispam postfix/smtpd[481085]: disconnect from sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: SA score=1/5 time=4.735 bayes=undefined autolearn=no autolearn_force=no hits=AWL(-0.115),DKIM_INVALID(0.1),DKIM_SIGNED(0.1),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),KAM_INFOUSMEBIZ(0.75),RCVD_IN_DNSWL_NONE(-0.0001),SPF_HELO_NONE(0.001),SPF_NONE(0.001),SUBJ_ALL_CAPS(0.5),T_KAM_HTML_FONT_INVALID(0.01)
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: moved mail for <fransiscus@mydomain.com> to spam quarantine - 266A56331182B7E6B8 (rule: Block Fake Display Name)
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: processing time: 5.221 seconds (4.735, 0.18, 0)
Sep 26 10:10:35 antispam postfix/lmtp[480950]: F18CD26597: to=<fransiscus@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=9, delays=3.6/0/0.01/5.3, dsn=2.5.0, status=sent (250 2.5.0 OK (26601633118264CA27))
Sep 26 10:10:35 antispam postfix/qmgr[310008]: F18CD26597: removed

2. icha@karyaprimasuplindo.co.id

Code:

Sep 26 10:10:24 antispam postfix/smtpd[481085]: connect from sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39]Sep 26 10:10:26 antispam postfix/smtpd[481085]: F18CD26597: client=sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39]
Sep 26 10:10:27 antispam postfix/cleanup[480928]: F18CD26597: message-id=<000001d8d155$b378bf90$1a6a3eb0$@karyaprimasuplindo.co.id>
Sep 26 10:10:30 antispam postfix/qmgr[310008]: F18CD26597: from=<icha@karyaprimasuplindo.co.id>, size=438848, nrcpt=1 (queue active)
Sep 26 10:10:30 antispam pmg-smtp-filter[481095]: 26601633118264CA27: new mail message-id=<000001d8d155$b378bf90$1a6a3eb0$@karyaprimasuplindo.co.id>#012
Sep 26 10:10:30 antispam postfix/smtpd[481085]: disconnect from sonic308-16.consmr.mail.ne1.yahoo.com[66.163.187.39] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: SA score=1/5 time=4.735 bayes=undefined autolearn=no autolearn_force=no hits=AWL(-0.115),DKIM_INVALID(0.1),DKIM_SIGNED(0.1),HTML_MESSAGE(0.001),KAM_DMARC_STATUS(0.01),KAM_INFOUSMEBIZ(0.75),RCVD_IN_DNSWL_NONE(-0.0001),SPF_HELO_NONE(0.001),SPF_NONE(0.001),SUBJ_ALL_CAPS(0.5),T_KAM_HTML_FONT_INVALID(0.01)
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: moved mail for <fransiscus@mydomain.com> to spam quarantine - 266A56331182B7E6B8 (rule: Block Fake Display Name)
Sep 26 10:10:35 antispam pmg-smtp-filter[481095]: 26601633118264CA27: processing time: 5.221 seconds (4.735, 0.18, 0)
Sep 26 10:10:35 antispam postfix/lmtp[480950]: F18CD26597: to=<fransiscus@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=9, delays=3.6/0/0.01/5.3, dsn=2.5.0, status=sent (250 2.5.0 OK (26601633118264CA27))
Sep 26 10:10:35 antispam postfix/qmgr[310008]: F18CD26597: removed

i've seen now , they are being block because one of rules : "Block Fake Display Name"

i've add one rules before, because there's spam email like phishing they use name which it's known by our user , but if we see carefully their email address is belong to someone else that we don't know .

so i try to add rules like below, is it right or not ?

if it is right. how to by pass 2 sender email address that i 've said on the first post ?

Please advice,

Regards,

Stoiko Ivanov · Sep 27, 2022

I assume your rule "Block Fake Display Name" has higher priority than your/the default Whitelist rule.
If you want to have some users being accepted despite matching "Block Fake Display Name" just create a new rule with higher priority than it and add the two users as Who Object and an action of 'Accept'

I hope this helps!

Search

Search

how to whitelist email

InGenetic

Member

Stoiko Ivanov

Proxmox Staff Member

InGenetic

Member

Stoiko Ivanov

Proxmox Staff Member

InGenetic

Member

Stoiko Ivanov

Proxmox Staff Member

We value your privacy