[SOLVED] Specify Blacklist / Blocking Options

kransom

New Member
Aug 22, 2023
24
1
3
I want to specify how to block a sender (incoming mail) based on the domain. Is there a combination of objects and rules to achieve this?
I added an email in my Blacklist who object wanting to reject all emails coming from 'sender' to kransom@domain1, but this also blocks that sender from getting through to other domains on postfix e.g. domain2.

What I'd like:
*block*
sender@example.com > kransom@domain1.com
*accept*
sender@example.com > kransom@domain2.com
 
If I understand your question correctly this should be pretty straight forward:
* create one rule with higher priority, a from object with 'sender@example.com' a to object with 'kransom@domain1.com', an action block
* remove 'sender@example.com' from the Blacklist Who object.
 
If I understand your question correctly this should be pretty straight forward:
* create one rule with higher priority, a from object with 'sender@example.com' a to object with 'kransom@domain1.com', an action block
* remove 'sender@example.com' from the Blacklist Who object.
I was able to get this to work. Thank you.
But I am having another issue.

I have 3 who objects
1. 'from blacklist' blocking a domain (let's say example.edu)
2. 'from whitelist' permitting an email address from that domain (someone@example.edu)
3. 'test to' with a domain called 'mydomain.org'

I created 2 rules under Mail Filter
1. 'accept'
- action object > Accept
- from > 'from whitelist'
- to > 'test to'
- priority 100

2. 'deny'
- action object > block
- from > 'from blacklist'
- to > 'test to'
- priority 90

With this configuration. This allow emails from someone@example.edu and block other emails from whatever@example.edu (or *@example.edu), but it is blocking someone@example.edu every time.
 
This sounds odd - as the described rules should allow someone@example.edu -> mydomain.org
* make sure you have the direction of the rule correct (in&Out if in doubt)
* make sure that the rules are both active

If this does not help - please post the logs of such a mail - then we might be able to say more.
 
After adjusting in&out and rechecking configuration, seems like it is working as expected.

Another question. So I have multiple domains that I want to do this for similar to example.edu. (e.g. one.edu, two.edu, three.edu etc.)
Each of these domains have their own set of emails, networks, ip addrs, and domains that are whitelisted and blacklisted from my previous mail spam filter (I am testing currently to migrate over in the coming weeks).

It seems like I would have to create 2 rules under mail filter (one for rejecting and one for accepting) and 3 who objects (one to define the domain, the 'to', one to define the whitelist for the 'to' domain, and one more to define the blacklist for the 'to' domain). Is there a better way of doing this, or does this sound about right?
 
It seems like I would have to create 2 rules under mail filter (one for rejecting and one for accepting) and 3 who objects (one to define the domain, the 'to', one to define the whitelist for the 'to' domain, and one more to define the blacklist for the 'to' domain). Is there a better way of doing this, or does this sound about right?

sounds about right to me - but as usual - just test it and keep an eye on the logs!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!