Whitelist and Blacklists not working as expected

Discussion in 'Mail Gateway: Installation and configuration' started by dthompson, Jun 5, 2018.

  1. dthompson

    dthompson Member

    Joined:
    Nov 23, 2011
    Messages:
    41
    Likes Received:
    0
    I have an issue where emails that are coming in have been added to either a whitelist or blacklist but still the emails get by,

    For instance, one of my clients have an email from domain: abcdef.com and they have added the emails to the whitelist after it was caught as spam. They then have back and forth conversations and then the 12th one gets flagged as spam and locked away until they get the mail notifications the following morning.

    The domain abcdef.com is hosted on google's mail servers, but that shouldn't matter. If they have added that domain to their own whitelist of blacklist should that not super seed any other rules and pass through the email to the end user(s)?

    This seems counterintuitive. If I add an email my own white or black lists then any emails from those email addresses or domains I've deemed as being OK or bad should be blocked for my own domains or email addresses residing on my PMG servers.

    The fact that they are not is worrisome and frustrating for my end users who are expecting the emails and domains they added to come through are not getting them.

    However it could be on my end that the problem resides:

    One of the rules I have in place are:


    Name Priority Direction Enabled
    =======================================================================
    Blacklist 98 <--IN YES
    Block Viruses 96 <--IN YES
    Virus Alert 96 --> OUT YES
    Block Dangerous Files 93 <--IN YES
    Modify Header 90 <--IN YES
    Whitelist 85 <--IN YES
    Quarantine/Mark Spam (Level3) 80 <--IN YES


    >> So the blacklist has the top priority however it seems some of those emails are still getting though. The whitelist has a much lower priority. Should that be moved to a higher number above and or equal to the Blacklist number in this case?

    I'm a little lost here and would like to get a better handle on this solution.
    Thank you!!
     
  2. tom

    tom Proxmox Staff Member
    Staff Member

    Joined:
    Aug 29, 2006
    Messages:
    13,564
    Likes Received:
    408
    For a full analysis you need to inspect your rules in detail.

    One common configuration issue is a wrong SMTP port configuration (so the incoming rules does only trigger on the configured incoming SMTP port).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. dthompson

    dthompson Member

    Joined:
    Nov 23, 2011
    Messages:
    41
    Likes Received:
    0
    Thanks for the reply. So the rules are the default out of the box. So far as I know the smtp port configuration is port 25 incoming and port 26 relay from the internal mail servers.

    Where do I find the smtp port configuration information? I’m fairly certain it’s setup properly but who knows.
     
  4. tom

    tom Proxmox Staff Member
    Staff Member

    Joined:
    Aug 29, 2006
    Messages:
    13,564
    Likes Received:
    408
    Check your settings on: "Configuration/Mail Proxy/Ports"
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. dthompson

    dthompson Member

    Joined:
    Nov 23, 2011
    Messages:
    41
    Likes Received:
    0
    Yeah those are the defaults: External 25. Internal 26
     
  6. toastbrot

    toastbrot New Member

    Joined:
    Mar 7, 2018
    Messages:
    6
    Likes Received:
    0
    were you able to solve this? i think i have the same problem. Mail Gateway 5.0-76 with some domains in the global blacklist and they still get thru. mostly all default config, also in menu "mail filter" besides adding domain blacklist objects. just used as incoming mailproxy.
     
  7. Pavel Hruška

    Pavel Hruška Member

    Joined:
    May 1, 2018
    Messages:
    37
    Likes Received:
    2
  8. toastbrot

    toastbrot New Member

    Joined:
    Mar 7, 2018
    Messages:
    6
    Likes Received:
    0
    the really annoying part is, that the user itself (me in this case) opened a spam from the digest and clicked the button "blacklist", which in fact does not have any effect. i've even manually added *@annoyingspamer.com before, which had also no effect. so to sum it up: seems like in default configuration blacklists do not have any effect at all. which makes them pretty useless...
     
  9. Pavel Hruška

    Pavel Hruška Member

    Joined:
    May 1, 2018
    Messages:
    37
    Likes Received:
    2
    No, that is not true. Those blacklists are working, but are not able to see "real" sender addresses for some type of emails, typically mass mailing, because the sender is "masked" by envelope of the mass mailer. It is fun because you usually want to block mass mailing, huh?

    I hope proxmox will fix this in the future...
     
  10. toastbrot

    toastbrot New Member

    Joined:
    Mar 7, 2018
    Messages:
    6
    Likes Received:
    0
  11. Pavel Hruška

    Pavel Hruška Member

    Joined:
    May 1, 2018
    Messages:
    37
    Likes Received:
    2
    Does not seem to solve the custom blacklist problem... Because I want to black even "regular" mass mailing, that is not listed anywhere on external blacklist...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice