Email flow diagram - whitelisting before blacklisting (help)

Questions and answers about how to do stuff
Post Reply
rangerdth
Posts: 6
Joined: 18 Mar 2019 15:52
Location: Boston, MA
Contact:

Email flow diagram - whitelisting before blacklisting (help)

Post by rangerdth »

I found a couple threads about an email flow diagram from 2015, but nothing more recent.
The mailscanner guide (someone linked here: https://s3.amazonaws.com/mailscanner/do ... -guide.pdf ) is a good reference, on page 8 (the numbered page 8).

What I think we have an issue with right now is that the blacklists are getting evaluated before the whitelist.

So, if we have support@company.com whitelisted to everyone, but emails are getting bounced due to a blacklist.

I would like to fix that (i.e. invert the whitelist check to be before the blacklist), or if this is a known issue, can anyone help?

Thanks.
rangerdth
Posts: 6
Joined: 18 Mar 2019 15:52
Location: Boston, MA
Contact:

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by rangerdth »

In a reply to my original message, I didn't find a flow diagram, but I did find the relevant sections in the MailScanner docs:
https://www.mailscanner.info/MailScanne ... Not%20Spam

This definitively says that the whitelist is read before the blacklist.

I now believe my problem lies in postfix RBL's, as those are evaluated before MailScanner takes over.
User avatar
pdwalker
Posts: 1444
Joined: 18 Mar 2015 09:16

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by pdwalker »

What do your log files show for the rejected messages?
rangerdth
Posts: 6
Joined: 18 Mar 2019 15:52
Location: Boston, MA
Contact:

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by rangerdth »

pdwalker wrote: 11 May 2022 14:37 What do your log files show for the rejected messages?
EDITED MY ORIGINAL REPLY for a better example:

May 11 02:21:41 mx02 postfix/smtpd[11027]: NOQUEUE: reject: RCPT from hwsrv-968541.hostwindsdns.com[104.168.204.250]: 554 5.7.1 Service unavailable; Client host [104.168.204.250] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/172.68.53.64; from=<somone@someplace.com> to=<support@company.com> proto=ESMTP helo=<hwsrv-968541.hostwindsdns.com>
User avatar
pdwalker
Posts: 1444
Joined: 18 Mar 2015 09:16

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by pdwalker »

yes, that is the postfix RBL check rejecting the message before it arrives in the system.

So, if you want to receive those messages, turn off the RBL checks in postfix.

I don't, because they seem to be pretty good at identifying spam before it enters my system.
rangerdth
Posts: 6
Joined: 18 Mar 2019 15:52
Location: Boston, MA
Contact:

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by rangerdth »

pdwalker wrote: 12 May 2022 05:50 yes, that is the postfix RBL check rejecting the message before it arrives in the system.

So, if you want to receive those messages, turn off the RBL checks in postfix.

I don't, because they seem to be pretty good at identifying spam before it enters my system.
Thanks for the reply.
One thing that had me concerned was the reference to "open resolver". That really sounded like my system had an issue.
User avatar
pdwalker
Posts: 1444
Joined: 18 Mar 2015 09:16

Re: Email flow diagram - whitelisting before blacklisting (help)

Post by pdwalker »

I think that means that the sending site had an open resolver.
Post Reply