Notify sender is not working in blacklist rules

dhinilkv

Blacklisted sender is not getting notification emails.
PFA mail filter >> Blacklist rules >> Used objects screenshot
 

Please share the logs of such a mail…
 
Please see the log

Jun 15 11:52:33 proxmox postfix/smtpd[1724093]: connect from mail-pj1-f48.google.com[209.85.216.48]
Jun 15 11:52:34 proxmox postfix/smtpd[1724093]: 4DA9E101155: client=mail-pj1-f48.google.com[209.85.216.48]
Jun 15 11:52:34 proxmox postfix/cleanup[1723929]: 4DA9E101155: message-id=<CAGpFaXWnJ3DJpoGevwjtTophjmKGwYgbo+q2Jym-F_28B39Hjw@mail.gmail.com>
Jun 15 11:52:34 proxmox postfix/qmgr[1717519]: 4DA9E101155: from=<manesh@saturnme.com>, size=3585, nrcpt=1 (queue active)
Jun 15 11:52:34 proxmox pmg-smtp-filter[1724069]: 1013D4648AC34259B3C: new mail message-id=<CAGpFaXWnJ3DJpoGevwjtTophjmKGwYgbo+q2Jym-F_28B39Hjw@mail.gmail.com>#012
Jun 15 11:52:34 proxmox postfix/smtpd[1724093]: disconnect from mail-pj1-f48.google.com[209.85.216.48] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1 commands=5
Jun 15 11:52:36 proxmox pmg-smtp-filter[1724069]: 1013D4648AC34259B3C: SA score=0/5 time=1.589 bayes=0.49 autolearn=ham autolearn_force=no hits=BAYES_50(0.8),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),RCVD_IN_DNSWL_NONE(-0.0001),RCVD_IN_MSPIKE_H3(0.001),RCVD_IN_MSPIKE_WL(0.001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_SCC_BODY_TEXT_LINE(-0.01)
Jun 15 11:52:36 proxmox pmg-smtp-filter[1724069]: 1013D4648AC34259B3C: block mail to <it@bin-drai.com> (rule: Blacklist)
Jun 15 11:52:36 proxmox pmg-smtp-filter[1724069]: 1013D4648AC34259B3C: processing time: 1.749 seconds (1.589, 0.099, 0)
Jun 15 11:52:36 proxmox postfix/lmtp[1723930]: 4DA9E101155: to=<it@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.8, delays=0.04/0/0.05/1.8, dsn=2.7.0, status=sent (250 2.7.0 BLOCKED (1013D4648AC34259B3C))
Jun 15 11:52:36 proxmox postfix/qmgr[1717519]: 4DA9E101155: removed
 
I recreated that rule setup here - and it works as expected (mail gets blocked and the notify gets sent out)...

just to be on the safe side:
* start a shell on pmg
* run `journalctl -f` there
* send a testmail that should trigger the rule
* show all the logs that are written by journalctl
 
PFA error logs
 


please post the logs as text and not as screenshots (and don't put screenshots in a pdf) - Thanks

the journalctl you ran had a 'grep' for a specific mail-address in place - this will not show the complete logs - so it's not possible to see what might be going wrong in your setup
 

Pls see below error log.

Jun 19 16:38:59 proxmox postfix/smtpd[1818484]: disconnect from ec2-52-88-63-64.us-west-2.compute.amazonaws.com[52.88.63.64] helo=1 quit=1 commands=2
Jun 19 16:39:00 proxmox postfix/postscreen[1818202]: PASS NEW [209.85.215.171]:57804
Jun 19 16:39:01 proxmox postfix/smtpd[1818484]: connect from mail-pg1-f171.google.com[209.85.215.171]
Jun 19 16:39:01 proxmox pmgpolicy[1817842]: SPF says pass
Jun 19 16:39:01 proxmox postfix/smtpd[1818484]: A71FB101549: client=mail-pg1-f171.google.com[209.85.215.171]
Jun 19 16:39:01 proxmox postfix/cleanup[1818636]: A71FB101549: message-id=<CAGpFaXWHSEWFjZ_FXj74mgwTXDJubLZxpT0N-GVehsZrdo0Ydw@mail.gmail.com>
Jun 19 16:39:01 proxmox postfix/qmgr[1804828]: A71FB101549: from=<manesh@saturnme.com>, size=3552, nrcpt=1 (queue active)
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: 2023/06/19-16:39:01 CONNECT TCP Peer: "[127.0.0.1]:57178" Local: "[127.0.0.1]:10024"
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: 10154F64904C65B382C: new mail message-id=<CAGpFaXWHSEWFjZ_FXj74mgwTXDJubLZxpT0N-GVehsZrdo0Ydw@mail.gmail.com>
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .icommarketing.com$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .eu.mailgun.net$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*@.*smtp\m <-- HERE ydialoginsight\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*o13.ptr6032.\m <-- HERE ail\.beehiiv\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:02 proxmox postfix/smtpd[1818484]: disconnect from mail-pg1-f171.google.com[209.85.215.171] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1 commands=5
Jun 19 16:39:03 proxmox pmg-smtp-filter[1818459]: 10154F64904C65B382C: SA score=0/5 time=1.318 bayes=0.00 autolearn=ham autolearn_force=no hits=AWL(0.282),BAYES_00(-1.9),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),RCVD_IN_DNSWL_NONE(-0.0001),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_SCC_BODY_TEXT_LINE(-0.01)
Jun 19 16:39:03 proxmox postfix/smtpd[1818635]: connect from localhost.localdomain[127.0.0.1]
Jun 19 16:39:03 proxmox postfix/smtpd[1818635]: 31022101550: client=localhost.localdomain[127.0.0.1]
Jun 19 16:39:03 proxmox postfix/cleanup[1818615]: 31022101550: message-id=<20230619123903.31022101550@proxmox.bin-drai.com>
Jun 19 16:39:03 proxmox postfix/qmgr[1804828]: 31022101550: from=<postmaster@proxmox.bin-drai.com>, size=1770, nrcpt=1 (queue active)
Jun 19 16:39:03 proxmox postfix/smtpd[1818635]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 commands=4
Jun 19 16:39:03 proxmox pmg-smtp-filter[1818459]: 10154F64904C65B382C: notify <manesh@saturnme.com> (rule: Blacklist, 31022101550)
Jun 19 16:39:03 proxmox pmg-smtp-filter[1818459]: 10154F64904C65B382C: block mail to <it@bin-drai.com> (rule: Blacklist)
Jun 19 16:39:03 proxmox pmg-smtp-filter[1818459]: 10154F64904C65B382C: processing time: 1.517 seconds (1.318, 0.075, 0)
Jun 19 16:39:03 proxmox postfix/lmtp[1818628]: A71FB101549: to=<it@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.03/0/0.05/1.5, dsn=2.7.0, status=sent (250 2.7.0 BLOCKED (10154F64904C65B382C))
Jun 19 16:39:03 proxmox postfix/qmgr[1804828]: A71FB101549: removed
Jun 19 16:39:03 proxmox postfix/smtp[1818637]: 31022101550: host aspmx.l.google.com[173.194.76.27] said: 452 4.5.2 Could not resolve sender domain. (in reply to MAIL FROM command)
Jun 19 16:39:04 proxmox postfix/smtp[1818637]: connect to aspmx.l.google.com[2a00:1450:400c:c1b::1b]:25: Network is unreachable
Jun 19 16:39:04 proxmox postfix/smtp[1818637]: connect to alt1.aspmx.l.google.com[2a00:1450:4013:c16::1a]:25: Network is unreachable
Jun 19 16:39:04 proxmox postfix/smtp[1818637]: 31022101550: to=<manesh@saturnme.com>, relay=alt2.aspmx.l.google.com[142.251.9.26]:25, delay=1.5, delays=0.05/0/1.4/0.01, dsn=4.5.2, status=deferred (host alt2.aspmx.l.google.com[142.251.9.26] said: 452 4.5.2 Could not resolve sender domain. (in reply to MAIL FROM command))
 
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .icommarketing.com$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .eu.mailgun.net$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jun 19 16:39:01 proxmox pmg-smtp-filter[1818459]: WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*@.*smtp\m <-- HERE ydialoginsight\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 10
Fix your who-objects - it seems you have a few syntax errors there.
ost alt2.aspmx.l.google.com[142.251.9.26] said: 452 4.5.2 Could not resolve sender domain.
PMG tries to send out the notification - but gmail refuses it - the error message points to a potential problem with your DNS setup - notifications are sent out from "postmaster@your.pmg.fqdn" - it seems that your PMG's FQDN does not look like a publicly resolvable address.

Make sure your PMG's FQDN is a valid and public name...
 
Thanks for the update, but I am still not sure how to solve this problem, therefore I need your help.
Find the screenshot of PMG's FQDN below.



root@proxmox:~# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.2.40 proxmox.bin-drai.com proxmox

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
192.168.2.8 proxmox.bin-brai.com proxmox pvelocalhost
192.168.2.10 enkive.bin-drai.com enkive
 

The issue why google does not accept the mail seems to be in the public DNS - and indeed:
`dig proxmox.bin-drai.com` shows that proxmox.bin-drai.com does not resolve to an IP address....
 
Please see the below output



root@mail:/opt/zimbra/log# dig proxmox.bin-drai.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> proxmox.bin-drai.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;proxmox.bin-drai.com. IN A

;; AUTHORITY SECTION:
bin-drai.com. 89 IN SOA ns77.domaincontrol.com. dns.jomax.net. 2023022301 28800 7200 604800 600

;; Query time: 284 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jun 23 15:22:25 GST 2023
;; MSG SIZE rcvd: 117
 
Updated the A record but still not receiving notification

pls find the log below :


Jul 06 14:40:05 proxmox postfix/qmgr[2176421]: 65419101066: from=<manesh@saturnme.com>, size=3571, nrcpt=1 (queue active)
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: 2023/07/06-14:40:05 CONNECT TCP Peer: "[127.0.0.1]:59436" Local: "[127.0.0.1]:10024"
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: 10109164A69A0571183: new mail message-id=<CAGpFaXXjODCqKsSK0j6UZqeQQhRf9M-sB9ehJt+bwU5U8+OkbQ@mail.gmail.com>
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .icommarketing.com$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .eu.mailgun.net$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*@.*smtp\m <-- HERE ydialoginsight\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jul 06 14:40:05 proxmox pmg-smtp-filter[2186546]: WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*o13.ptr6032.\m <-- HERE ail\.beehiiv\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
Jul 06 14:40:05 proxmox postfix/smtpd[2186909]: disconnect from mail-pf1-f169.google.com[209.85.210.169] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1 commands=5
Jul 06 14:40:06 proxmox pmg-smtp-filter[2186546]: 10109164A69A0571183: SA score=0/5 time=1.258 bayes=0.00 autolearn=ham autolearn_force=no hits=AWL(0.389),BAYES_00(-1.9),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),RCVD_IN_DNSWL_NONE(-0.0001),RCVD_IN_MSPIKE_H3(0.001),RCVD_IN_MSPIKE_WL(0.001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_SCC_BODY_TEXT_LINE(-0.01)
Jul 06 14:40:06 proxmox postfix/smtpd[2186919]: connect from localhost.localdomain[127.0.0.1]
Jul 06 14:40:06 proxmox postfix/smtpd[2186919]: D2C1F1012FC: client=localhost.localdomain[127.0.0.1]
Jul 06 14:40:06 proxmox postfix/cleanup[2186913]: D2C1F1012FC: message-id=<20230706104006.D2C1F1012FC@proxmox.bin-drai.com>
Jul 06 14:40:06 proxmox postfix/qmgr[2176421]: D2C1F1012FC: from=<postmaster@proxmox.bin-drai.com>, size=1839, nrcpt=1 (queue active)
Jul 06 14:40:06 proxmox postfix/smtpd[2186919]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 commands=4
Jul 06 14:40:06 proxmox pmg-smtp-filter[2186546]: 10109164A69A0571183: notify <manesh@saturnme.com> (rule: Blacklist, D2C1F1012FC)
Jul 06 14:40:06 proxmox pmg-smtp-filter[2186546]: 10109164A69A0571183: block mail to <admin@bin-drai.com> (rule: Blacklist)
Jul 06 14:40:06 proxmox pmg-smtp-filter[2186546]: 10109164A69A0571183: processing time: 1.447 seconds (1.258, 0.074, 0)
Jul 06 14:40:06 proxmox postfix/lmtp[2186914]: 65419101066: to=<admin@bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.5, delays=0.03/0/0.04/1.5, dsn=2.7.0, status=sent (250 2.7.0 BLOCKED (10109164A69A0571183))
Jul 06 14:40:06 proxmox postfix/qmgr[2176421]: 65419101066: removed
Jul 06 14:40:08 proxmox postfix/smtp[2186920]: D2C1F1012FC: to=<manesh@saturnme.com>, relay=aspmx.l.google.com[142.251.31.26]:25, delay=1.8, delays=0.05/0/1/0.76, dsn=5.7.26, status=bounced (host aspmx.l.google.com[142.251.31.26] said: 550-5.7.26 Unauthenticated email from bin-drai.com is not accepted due to 550-5.7.26 domain's DMARC policy. Please contact the administrator of 550-5.7.26 bin-drai.com domain if this was a legitimate mail. Please visit 550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about the 550 5.7.26 DMARC initiative. k13-20020aa7c38d000000b00514a4541769si682098edq.81 - gsmtp (in reply to end of DATA command))
Jul 06 14:40:08 proxmox postfix/cleanup[2186913]: ADF4F101091: message-id=<20230706104008.ADF4F101091@proxmox.bin-drai.com>
Jul 06 14:40:08 proxmox postfix/qmgr[2176421]: ADF4F101091: from=<>, size=4685, nrcpt=1 (queue active)
Jul 06 14:40:08 proxmox postfix/bounce[2186948]: D2C1F1012FC: sender non-delivery notification: ADF4F101091
Jul 06 14:40:08 proxmox postfix/qmgr[2176421]: D2C1F1012FC: removed
Jul 06 14:40:08 proxmox postfix/cleanup[2186913]: B1A1D101066: message-id=<20230706104008.ADF4F101091@proxmox.bin-drai.com>
Jul 06 14:40:08 proxmox postfix/local[2186949]: ADF4F101091: to=<postmaster@proxmox.bin-drai.com>, relay=local, delay=0.02, delays=0/0.01/0/0, dsn=2.0.0, status=sent (forwarded as B1A1D101066)
Jul 06 14:40:08 proxmox postfix/qmgr[2176421]: B1A1D101066: from=<>, size=4833, nrcpt=1 (queue active)
Jul 06 14:40:08 proxmox postfix/qmgr[2176421]: ADF4F101091: removed
Jul 06 14:40:08 proxmox postfix/smtp[2186940]: B1A1D101066: to=<dhinil@bin-drai.com>, orig_to=<postmaster@proxmox.bin-drai.com>, relay=192.168.2.1[192.168.2.1]:25, delay=0.07, delays=0/0/0.02/0.05, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C0ED46E00BED)
Jul 06 14:40:08 proxmox postfix/qmgr[2176421]: B1A1D101066: removed
Jul 06 14:40:19 proxmox postfix/smtpd[2186922]: connect from unknown[192.168.2.1]
Jul 06 14:40:19 proxmox postfix/smtpd[2186922]: 1D313101066: client=unknown[192.168.2.1]
Jul 06 14:40:19 proxmox postfix/cleanup[2186913]: 1D313101066: message-id=<20230706104008.ADF4F101091@proxmox.bin-drai.com>
Jul 06 14:40:19 proxmox postfix/smtpd[2186922]: disconnect from unknown[192.168.2.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 06 14:40:19 proxmox postfix/qmgr[2176421]: 1D313101066: from=<>, size=6055, nrcpt=1 (queue active)
Jul 06 14:40:19 proxmox pmg-smtp-filter[2186711]: 2023/07/06-14:40:19 CONNECT TCP Peer: "[127.0.0.1]:58456" Local: "[127.0.0.1]:10023"
Jul 06 14:40:19 proxmox pmg-smtp-filter[2186711]: 10109164A69A1328D3B: new mail message-id=<20230706104008.ADF4F101091@proxmox.bin-drai.com>
Jul 06 14:40:19 proxmox postfix/smtpd[2186919]: connect from localhost.localdomain[127.0.0.1]
Jul 06 14:40:19 proxmox postfix/smtpd[2186919]: 487F81012FC: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.168.2.1]
Jul 06 14:40:19 proxmox postfix/cleanup[2186913]: 487F81012FC: message-id=<20230706104008.ADF4F101091@proxmox.bin-drai.com>
Jul 06 14:40:19 proxmox postfix/qmgr[2176421]: 487F81012FC: from=<>, size=6266, nrcpt=1 (queue active)
Jul 06 14:40:19 proxmox postfix/smtpd[2186919]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jul 06 14:40:19 proxmox pmg-smtp-filter[2186711]: 10109164A69A1328D3B: accept mail to <enkive@enkive.bin-drai.com> (487F81012FC) (rule: default-accept)
Jul 06 14:40:19 proxmox pmg-smtp-filter[2186711]: 10109164A69A1328D3B: processing time: 0.179 seconds (0, 0.099, 0)
Jul 06 14:40:19 proxmox postfix/lmtp[2186914]: 1D313101066: to=<enkive@enkive.bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.23, delays=0/0/0.04/0.18, dsn=2.5.0, status=sent (250 2.5.0 OK (10109164A69A1328D3B))
Jul 06 14:40:19 proxmox postfix/qmgr[2176421]: 1D313101066: removed
Jul 06 14:40:19 proxmox postfix/smtp[2186941]: 487F81012FC: to=<enkive@enkive.bin-drai.com>, relay=enkive.bin-drai.com[192.168.2.10]:25, delay=0.12, delays=0.05/0/0.04/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 73154B89CA9)
Jul 06 14:40:19 proxmox postfix/qmgr[2176421]: 487F81012FC: removed
Jul 06 14:40:23 proxmox postfix/smtpd[2186950]: connect from unknown[192.168.2.1]
Jul 06 14:40:23 proxmox postfix/smtpd[2186950]: 2D2DF101066: client=unknown[192.168.2.1]
Jul 06 14:40:23 proxmox postfix/cleanup[2186913]: 2D2DF101066: message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 2D2DF101066: from=<>, size=4382, nrcpt=1 (queue active)
Jul 06 14:40:23 proxmox postfix/smtpd[2186950]: disconnect from unknown[192.168.2.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186546]: 2023/07/06-14:40:23 CONNECT TCP Peer: "[127.0.0.1]:48906" Local: "[127.0.0.1]:10023"
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186546]: 10109164A69A17396BF: new mail message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/smtpd[2186951]: connect from unknown[192.168.2.1]
Jul 06 14:40:23 proxmox postfix/smtpd[2186951]: 477491012FC: client=unknown[192.168.2.1]
Jul 06 14:40:23 proxmox postfix/cleanup[2186913]: 477491012FC: message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/smtpd[2186951]: disconnect from unknown[192.168.2.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 477491012FC: from=<>, size=4589, nrcpt=1 (queue active)
Jul 06 14:40:23 proxmox pmg-smtp-filter[2175282]: Starting "1" children
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186711]: 2023/07/06-14:40:23 CONNECT TCP Peer: "[127.0.0.1]:48918" Local: "[127.0.0.1]:10023"
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: connect from localhost.localdomain[127.0.0.1]
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: 55EAF101302: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.168.2.1]
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186711]: 10130664A69A1759B16: new mail message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/cleanup[2186913]: 55EAF101302: message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 55EAF101302: from=<>, size=4589, nrcpt=1 (queue active)
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186546]: 10109164A69A17396BF: accept mail to <tinap@alarabitravel.ae> (55EAF101302) (rule: default-accept)
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186546]: 10109164A69A17396BF: processing time: 0.164 seconds (0, 0.09, 0)
Jul 06 14:40:23 proxmox postfix/lmtp[2186914]: 2D2DF101066: to=<tinap@alarabitravel.ae>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.22, delays=0/0/0.05/0.17, dsn=2.5.0, status=sent (250 2.5.0 OK (10109164A69A17396BF))
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 2D2DF101066: removed
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: connect from localhost.localdomain[127.0.0.1]
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: 7214F101066: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.168.2.1]
Jul 06 14:40:23 proxmox postfix/cleanup[2186913]: 7214F101066: message-id=<032601d9aff6$56611980$03234c80$@bin-drai.com>
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 7214F101066: from=<>, size=4800, nrcpt=1 (queue active)
Jul 06 14:40:23 proxmox postfix/smtpd[2186919]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186711]: 10130664A69A1759B16: accept mail to <enkive@enkive.bin-drai.com> (7214F101066) (rule: default-accept)
Jul 06 14:40:23 proxmox pmg-smtp-filter[2186711]: 10130664A69A1759B16: processing time: 0.148 seconds (0, 0.069, 0)
Jul 06 14:40:23 proxmox postfix/lmtp[2186955]: 477491012FC: to=<enkive@enkive.bin-drai.com>, relay=127.0.0.1[127.0.0.1]:10023, delay=0.23, delays=0/0.02/0.05/0.15, dsn=2.5.0, status=sent (250 2.5.0 OK (10130664A69A1759B16))
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 477491012FC: removed
Jul 06 14:40:23 proxmox postfix/smtp[2186940]: 7214F101066: to=<enkive@enkive.bin-drai.com>, relay=enkive.bin-drai.com[192.168.2.10]:25, delay=0.13, delays=0.05/0/0.02/0.06, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9767BB89CA9)
Jul 06 14:40:23 proxmox postfix/qmgr[2176421]: 7214F101066: removed
Jul 06 14:40:24 proxmox postfix/smtp[2186920]: 55EAF101302: to=<tinap@alarabitravel.ae>, relay=alarabitravel-ae.mail.protection.outlook.com[104.47.84.110]:25, delay=1.2, delays=0.05/0/0.31/0.82, dsn=2.6.0, status=sent (250 2.6.0 <032601d9aff6$56611980$03234c80$@bin-drai.com> [InternalId=6910602393527, Hostname=DX1P273MB1250.AREP273.PROD.OUTLOOK.COM] 13490 bytes in 0.182, 72.030 KB/sec Queued mail for delivery)
Jul 06 14:40:24 proxmox postfix/qmgr[2176421]: 55EAF101302: removed
 
WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .icommarketing.com$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
This warning for example shows that you have a whoregex somewhere in your rulesystem that looks like:
'*.icommarketing.com' - however a regular expression uses '.*' for matching any string
so it should be: '.*\.icommarketing\.com' ('.' has a special meaning in regular expressions)

WARNING: Unrecognized escape \m passed through in regex; marked by <-- HERE in m/^.*o13.ptr6032.\m <-- HERE ail\.beehiiv\.com$$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 103.
This warning says that '\m' is wrong - depending on what you want to match I guess the '\' is wrong (to match \.mail.beehiiv\.com)....

keep an eye on your logs for those warnings - and fix your rules.

The reference documentation also provides information:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmg_mailfilter_regex

and there are tons of tutorials on regular expression/regex on the internet.
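
A way to catch these pattern mistakes before saving a Who object, as an added example that is not part of the original post and not PMG code: a heuristic lint for the defect classes seen in the warnings above, plus a converter for wildcard-style entries. The function names, the finding labels and the list of letters treated as valid Perl escapes are assumptions of this example.

```python
# Added example: heuristic lint for regex entries in mail filter Who objects.
# Assumption: these letters are the backslash escapes Perl defines
# (taken from perlrebackslash); any other backslash+letter is flagged.
PERL_ESCAPE_LETTERS = set("aAbBcdDeEfFgGhHkKlLnNopPQrRsStuUvVwWxXzZ")
REGEX_SPECIALS = set(".^$*+?()[]{}|\\")


def lint_who_regex(pattern):
    """Return a list of findings for one pattern as typed into the rule object."""
    findings = []
    # The filter anchors the pattern itself (the log shows m/^<pattern>$/),
    # so a leading quantifier ends up applied to '^'.
    if pattern.lstrip("^")[:1] in ("*", "+", "?"):
        findings.append("leading-quantifier")
    # A user-supplied '^' or trailing '$' is doubled (the '$$' in the log).
    if pattern.startswith("^") or (pattern.endswith("$")
                                   and not pattern.endswith("\\$")):
        findings.append("redundant-anchor")
    i, in_class, dot_seen = 0, False, False
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            nxt = pattern[i + 1]
            if nxt.isascii() and nxt.isalpha() and nxt not in PERL_ESCAPE_LETTERS:
                findings.append("unknown-escape:\\" + nxt)
            i += 2  # skip the escaped character, so '\.' is never flagged
            continue
        if ch == "[":
            in_class = True
        elif ch == "]":
            in_class = False
        elif (ch == "." and not in_class
              and pattern[i + 1:i + 2] not in ("*", "+", "?", "{")):
            # A bare '.' matches any character, not only a literal dot.
            dot_seen = True
        i += 1
    if dot_seen:
        findings.append("unescaped-dot")
    return findings


def glob_to_regex(glob):
    """Convert a wildcard entry such as '*.example.com' into a regex body."""
    out = []
    for ch in glob:
        if ch == "*":
            out.append(".*")
        elif ch in REGEX_SPECIALS:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


# Patterns reconstructed from the warnings in the thread (outer ^...$ removed).
SAMPLES = [
    "*.icommarketing.com",
    r".*@.*smtp\mydialoginsight\.com$",
    r".*o13.ptr6032.\mail\.beehiiv\.com$",
    r".*\.icommarketing\.com",
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p!r}: {lint_who_regex(p) or 'ok'}")
    print("suggested:", glob_to_regex("*.icommarketing.com"))
```

The lint only approximates Perl's behaviour; the filter's own log warnings remain the authoritative check after a rule is changed.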
 
Does removing those regexes solve the issue?

Is there any way we can remove the rules from the command line? Is there any file we can access and delete?
 
Just use the GUI?
The Objects of the rulesystem are stored in the rule database - you can use the REST-API and/or pmgsh to edit them - but I would not recommend this if you haven't much experience with such systems.
https://pmg.proxmox.com/pmg-docs/api-viewer/index.html#/config/ruledb/who/{ogroup}/objects/{id}

Just for completeness sake - fixing your rule-system is probably not all that you need to do - see the logs you posted:
Jul 06 14:40:08 proxmox postfix/smtp[2186920]: D2C1F1012FC: to=<manesh@saturnme.com>, relay=aspmx.l.google.com[142.251.31.26]:25, delay=1.8, delays=0.05/0/1/0.76, dsn=5.7.26, status=bounced (host aspmx.l.google.com[142.251.31.26] said: 550-5.7.26 Unauthenticated email from bin-drai.com is not accepted due to 550-5.7.26 domain's DMARC policy. Please contact the administrator of 550-5.7.26 bin-drai.com domain if this was a legitimate mail. Please visit 550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about the 550 5.7.26 DMARC initiative. k13-20020aa7c38d000000b00514a4541769si682098edq.81 - gsmtp (in reply to end of DATA command))
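
The correlation used throughout this thread (the `notify` line from pmg-smtp-filter names a Postfix queue ID, and that queue ID's delivery line shows what the receiving server did with the notification) can be automated. The following is an added example, not part of the original posts and not PMG code; the function names and hint texts are assumptions, and the sample log lines are constructed in the format of the logs above.

```python
import re

# "<filter-id>: notify <rcpt> (rule: NAME, QUEUEID)" as logged by pmg-smtp-filter
NOTIFY_RE = re.compile(
    r"pmg-smtp-filter\[\d+\]: [0-9A-F]+: notify <(?P<rcpt>[^>]*)> "
    r"\(rule: (?P<rule>.*), (?P<qid>[0-9A-F]+)\)\s*$")
# Postfix delivery result for a queue ID
DELIVERY_RE = re.compile(
    r"postfix/(?:smtp|lmtp|local)\[\d+\]: (?P<qid>[0-9A-F]+): to=<[^>]*>,"
    r".*?dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+) \((?P<reason>.*)\)\s*$")


def explain(dsn, reason):
    """Map the two failure modes seen in this thread to a short hint."""
    if dsn == "5.7.26" or "DMARC" in reason:
        return "rejected under the sender domain's DMARC policy"
    if "Could not resolve sender domain" in reason:
        return "receiver could not resolve the envelope sender domain"
    return ""


def trace_notifications(lines):
    """Return one record per notify action with its last delivery result."""
    notifies, last_delivery = [], {}
    for line in lines:
        m = NOTIFY_RE.search(line)
        if m:
            notifies.append(m.groupdict())
            continue
        m = DELIVERY_RE.search(line)
        if m:
            last_delivery[m["qid"]] = m.groupdict()  # later lines overwrite
    report = []
    for n in notifies:
        d = last_delivery.get(n["qid"])
        report.append({
            "rule": n["rule"], "recipient": n["rcpt"], "queue_id": n["qid"],
            "status": d["status"] if d else "no-delivery-record",
            "dsn": d["dsn"] if d else None,
            "hint": explain(d["dsn"], d["reason"]) if d else "",
        })
    return report


# Constructed sample lines (hosts, addresses and queue IDs are made up).
SAMPLE_LOG = """\
Jul 06 14:40:06 pmg pmg-smtp-filter[2001]: 1010AAAA0001: notify <sender@example.net> (rule: Blacklist, D2C1F00001)
Jul 06 14:40:06 pmg pmg-smtp-filter[2001]: 1010AAAA0001: block mail to <user@example.com> (rule: Blacklist)
Jul 06 14:40:08 pmg postfix/smtp[2002]: D2C1F00001: to=<sender@example.net>, relay=mx.example.net[192.0.2.10]:25, delay=1.8, delays=0.05/0/1/0.76, dsn=5.7.26, status=bounced (host mx.example.net[192.0.2.10] said: 550-5.7.26 Unauthenticated email from example.com is not accepted due to domain's DMARC policy. (in reply to end of DATA command))
Jul 06 14:41:10 pmg pmg-smtp-filter[2001]: 1010AAAA0002: notify <other@example.net> (rule: Blacklist, A71FB00002)
Jul 06 14:41:12 pmg postfix/smtp[2002]: A71FB00002: to=<other@example.net>, relay=mx.example.net[192.0.2.10]:25, delay=1.5, delays=0.05/0/1.4/0.01, dsn=4.5.2, status=deferred (host mx.example.net[192.0.2.10] said: 452 4.5.2 Could not resolve sender domain. (in reply to MAIL FROM command))
Jul 06 14:42:00 pmg pmg-smtp-filter[2001]: 1010AAAA0003: notify <third@example.net> (rule: Blacklist, BEEF000003)
"""

if __name__ == "__main__":
    for rec in trace_notifications(SAMPLE_LOG.splitlines()):
        print(rec)
```

A `no-delivery-record` result means the excerpt is incomplete, which is what a `grep` on a single mail address produces.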
 
