whitelist and confspam

T

tcsis

New Member
Oct 28, 2019
29
0
1
40
Hello, how can I whitelist a domain because even by inserting in mail proxy and who whitelist this domain is always blocked in quarantine and also many spam emails are not blocked
 
sorry but not have anyl log for quarantene domain the domain is creditsafe.com
 

Attachments

  • proxmox3.PNG
    proxmox3.PNG
    94.9 KB · Views: 2
  • proxmxo2.PNG
    proxmxo2.PNG
    70.6 KB · Views: 2
  • proxmox1.PNG
    proxmox1.PNG
    104.6 KB · Views: 2
tcsis said:
sorry but not have anyl log for quarantene domain the domain
Click to expand...
Check the mail.log of the system:
/var/log/mail.log (/var/log/mail.log.1, /var/log/mail.log.2.gz)
or the system journal
`journalctl -b`
alternatively
the information can be seen in the GUI's Tracking Center
 
mail.log.1 mail.log.2.gz mail.log.3.gz mail.log.4.gz
root@mailgw:~# cat /var/log/mail.log.1 |grep creditsafe
Oct 6 15:30:50 mailgw postfix/smtpd[9646]: connect from mail6031.creditsafeuk.mkt6630.com[74.112.64.149]
Oct 6 15:30:57 mailgw postfix/smtpd[9646]: 103B41D013BC: client=mail6031.creditsafeuk.mkt6630.com[74.112.64.149]
Oct 6 15:30:57 mailgw postfix/qmgr[575]: 103B41D013BC: from=<v-cjjjhdm_oonplfapnb_gooegbee_gooegbee_a@bounce.grp.creditsafemail.com>, size=27427, nrcpt=1 (queue active)
Oct 6 15:30:57 mailgw postfix/smtpd[9646]: disconnect from mail6031.creditsafeuk.mkt6630.com[74.112.64.149] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Oct 6 15:31:12 mailgw postfix/smtpd[10429]: 7E2CE1D01405: client=localhost[127.0.0.1], orig_client=mail6031.creditsafeuk.mkt6630.com[74.112.64.149]
Oct 6 15:31:12 mailgw postfix/qmgr[575]: 7E2CE1D01405: from=<v-cjjjhdm_oonplfapnb_gooegbee_gooegbee_a@bounce.grp.creditsafemail.com>, size=28545, nrcpt=1 (queue active)
Oct 8 09:57:28 mailgw postfix/qmgr[575]: C64801D013A8: from=<andrea.porcelli@creditsafe.it>, size=102894, nrcpt=1 (queue active)
Oct 8 09:57:44 mailgw postfix/qmgr[575]: 4522E1D01418: from=<andrea.porcelli@creditsafe.it>, size=103626, nrcpt=1 (queue active)


++++++++++++++++++++++++++++

Daily Spam Report for 'daniela@trafil.it' - 2020-10-15​

Monitoring@creditsafe.com
2020-10-15 05:05:45​
SPAM: monitoraggio concorrenti
Monitoring@creditsafe.com
2020-10-15 05:49:23​
SPAM: Default Portfolio




 
grepping only for the recipient domain won't show you the complete picture - either post the complete log for the timeframe - or use the Tracking center

if you match for a 'domain' as WHO object then only the domain is matched (no subdomain) - additionally the smtp-envelop address is matched and not the From header...
* add a 'What' object (Match Field - field 'From', value '.*@creditsafe.com' to the rule
* and/or match for a regular expression in the Who Object as well ('.*creditsafe.com')
 
sorry but how insert the domain in WHAT
 

Attachments

  • proxmox4.PNG
    proxmox4.PNG
    63 KB · Views: 3
i try to create from rule but ....
 

Attachments

  • proxmox5.PNG
    proxmox5.PNG
    90 KB · Views: 3
Let tackle the whitelist issue first. What domain or email address you want to whitelist? Show the mail.log that show your whitelist domain/email was being blocked.
 
If I may interject.

From the documentation if I want to whitelist senders ( from: bob@abc123.com )

I can add a who object->E-Mail->bob@abc123.com (whitelist that user) -OR-
I can add a who object->domain->abc123.com (whitelist any-user@abc123.com)

If the mail log shows the from as that domain/email address it will whitelist.

However in my case, and in this persons case it does not.

How would you recommend to configure this in my example sender situation which will fix tcsis issue as well as mine.

Thank you.

One other question, in postfix in most config files if you want to receive anything at a domain the config file looks like:
@abc123.com OK

or for a user

bob@abc123.com OK

So if you're entering a domain in who->whitelist->domain, that should domain should look like my first example.
 
Last edited:
MiamiJack said:
If I may interject.

From the documentation if I want to whitelist senders ( from: bob@abc123.com )

I can add a who object->E-Mail->bob@abc123.com (whitelist that user) -OR-
I can add a who object->domain->abc123.com (whitelist any-user@abc123.com)

If the mail log shows the from as that domain/email address it will whitelist.

However in my case, and in this persons case it does not.

How would you recommend to configure this in my example sender situation which will fix tcsis issue as well as mine.

Thank you.
Click to expand...
Create a rules to quarantine/block from who object should work.

1603414503622.png
 

Attachments

  • 1603414364265.png
    1603414364265.png
    2.7 KB · Views: 0
Are your PMG in production now? If not, i would suggest to reset all the filter rules to default.
Create a new test rules to quarantine all incoming @gmail.com. Let see does it work or not.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back