Greylisting problem
Greylisting problem
I have a client that is running the latest EFA and they have a supplier who is sending them emails that always get greylisted. What happens is that the sending server always sends from a different IP address (They are using 254 different IP addresses). The first time that they get grey-listed the sending server will then try from a different IP address but then that get grey-listed and so on and eventually the email does not get delivered. I previously manually added all 254 addresses for that domain but it seems to have now forgotten most of them and I don't want to have to regularly type them all in as it is quite time consuming. I am wondering if is possible to exclude certain domains from being greylisted.
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Greylisting problem
Are the 254 addresses in a single contiguous segment?
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Greylisting problem
Try adding a class c network....do this by just entering the first three octets into the whitelist
Sender name: somesender
Sender domain: somedomain.com
Source (class c or d): 123.123.123
Sender name: somesender
Sender domain: somedomain.com
Source (class c or d): 123.123.123
Re: Greylisting problem
Tried adding the Class C but it didn't help
Andy
Andy
Re: Greylisting problem
Any joy with solving your problem?andyitc wrote:Tried adding the Class C but it didn't help
Andy
Re: Greylisting problem
unfortunately I haven't got anywhere with this problem
Re: Greylisting problem
Does
"Opt-out domains
(recipients for whom messages are never greylisted)"
not work?
"Opt-out domains
(recipients for whom messages are never greylisted)"
not work?
Re: Greylisting problem
Surely that would stop any recipient from being greylisted at all or am I misunderstanding the way that this is working? Strange thing is I have just checked and they are not waiting for this domain in the greylist now. It could be thatit has now managed to populate with all of the IP addresses
Re: Greylisting problem
EFA-Webinterface -> Greylist -> Optout domain -> add ONE domain
mails from this domain are never greylisted
mails from this domain are never greylisted
Re: Greylisting problem
Thank You.Ii had previously done this but I think it takes time before it becomes apparent that this is working. The terminology is confusing as it says
Opt-out domains
(recipients for whom messages are never greylisted)
It should actually say Opt-out domains
(senders for whom messages are never greylisted)
as it is the senders and not the recipients that we need to exclude from checking
Opt-out domains
(recipients for whom messages are never greylisted)
It should actually say Opt-out domains
(senders for whom messages are never greylisted)
as it is the senders and not the recipients that we need to exclude from checking
Re: Greylisting problem
I'm afraid i am wrong. Sorry. I have to test again.
Re: Greylisting problem
my case is a little different
I have an upstream mail provider that removes all viral laden messages before passing them back to us (essentially they are our "smart host" for those particular domains.
The messages they send us are greylisted when any traffic from their IPs should immediately be accepted.
I can't figure out how to handle that.
I have an upstream mail provider that removes all viral laden messages before passing them back to us (essentially they are our "smart host" for those particular domains.
The messages they send us are greylisted when any traffic from their IPs should immediately be accepted.
I can't figure out how to handle that.
Re: Greylisting problem
If the source IP's are from the same subnet xxx.xxx.xxx(.yyy) and "Greylist" -> "Domains" -> "Add to whitelist" is used, does this work?
Sender domain: thedomain.tld
Source (class c or d): xxx.xxx.xxx
Just guessing.
Sender domain: thedomain.tld
Source (class c or d): xxx.xxx.xxx
Just guessing.
Re: Greylisting problem
tried that. Still getting grey listed.
I've tried:
sender domain: *
source: xxx.yyy.zzz
(the sender domains will be the original senders, not the domain of the virus removing provider/smarthost I am using).
I've tried:
sender domain: *
source: xxx.yyy.zzz
(the sender domains will be the original senders, not the domain of the virus removing provider/smarthost I am using).
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Greylisting problem
I don't think the sender domain can be a wildcard...
Re: Greylisting problem [solved for me]
nope. you cannot.
I solved the problem in the end
edit /etc/sqlgrey/clients_ip_whitelist.local
add in each ip address, line by line
/etc/sqlgrey restart
watch as the maillog changes from
I solved the problem in the end
edit /etc/sqlgrey/clients_ip_whitelist.local
add in each ip address, line by line
/etc/sqlgrey restart
watch as the maillog changes from
toMar 26 12:34:37 efa postfix/smtpd[14224]: NOQUEUE: reject: RCPT from mail6.bemta17.messagelabs.com[117.120.20.71]: 451 4.7.1 <receiver@receiver.domain>: Recipient address rejected: Greylisted for 5 minutes; from=<sender@sender.domain> to=<receiver@receiver.domain> proto=ESMTP helo=<mail6.bemta17.messagelabs.com>
Mar 26 12:35:31 efa sqlgrey: whitelist: sender@sender.domain, 117.120.16.199(mail6.bemta10.messagelabs.com) -> receiver@receiver.domain
Re: Greylisting problem
I know this is an old thread but after reading: /etc/sqlgrey/clients_fqdn_whitelist would it not be easier to add your domain to /etc/sqlgrey/clients_fqdn_whitelist.local?
Re: Greylisting problem
where would one report this? I totally agree its mislabeled.andyitc wrote:Opt-out domains
(recipients for whom messages are never greylisted)
It should actually say Opt-out domains
(senders for whom messages are never greylisted)
as it is the senders and not the recipients that we need to exclude from checking
Re: Greylisting problem
Create & add IP ranges to: /etc/sqlgrey/clients_ip_whitelist.local
and/or
Create & add domains to /etc/sqlgrey/clients_fqdn_whitelist.local
See the original SQLGrey files for examples but do not modify the originals as they will be overwritten by a module update!
/etc/sqlgrey/clients_ip_whitelist
/etc/sqlgrey/clients_fqdn_whitelist
For IP's, you can add Class A, B, C or D addresses:
ie.
192.168.25.26
192.168.25
192.168
192
For _fqdn_ entries:
##
# SQLgrey expects the following expressions:
#
# hostname.domain.com # whole system name (least CPU intensive)
# *.domain.com # whitelist any fqdn in the domain 'domain.com'
# /regexp/ # whitelist any fqdn matching the regexp (by far most CPU intensive)
and/or
Create & add domains to /etc/sqlgrey/clients_fqdn_whitelist.local
See the original SQLGrey files for examples but do not modify the originals as they will be overwritten by a module update!
/etc/sqlgrey/clients_ip_whitelist
/etc/sqlgrey/clients_fqdn_whitelist
For IP's, you can add Class A, B, C or D addresses:
ie.
192.168.25.26
192.168.25
192.168
192
For _fqdn_ entries:
##
# SQLgrey expects the following expressions:
#
# hostname.domain.com # whole system name (least CPU intensive)
# *.domain.com # whitelist any fqdn in the domain 'domain.com'
# /regexp/ # whitelist any fqdn matching the regexp (by far most CPU intensive)
Re: Greylisting problem
Also, occasionally run:
[root@efa sqlgrey]# update_sqlgrey_config
updating /etc/sqlgrey/clients_fqdn_whitelist:
--- /etc/sqlgrey/clients_fqdn_whitelist 2015-02-26 18:45:56.317999767 -0800
+++ clients_fqdn_whitelist 2016-06-27 08:02:37.000000000 -0700
@@ -100,6 +100,14 @@
# GL-group: no retry
mail.gl-group.com
+# StartSSL: no retry
+*.startcom.org
+*.startssl.com
+
+# Outlook.com users, retries do not come from the same server.
+*.outbound.protection.outlook.com
+
+
# Do not add anything here (this file can be overwritten by SQLgrey updates and
# update_sqlgrey_config), create a "clients_fqdn_whitelist.local" file
# and add your own entries in there
updating /etc/sqlgrey/smtp_server.regexp:
--- /etc/sqlgrey/smtp_server.regexp 2015-02-26 18:45:56.422999767 -0800
+++ smtp_server.regexp 2005-03-01 16:29:45.000000000 -0800
@@ -1 +1 @@
-^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|v?smtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]
\ No newline at end of file
+^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|v?smtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]
[root@efa sqlgrey]#
[root@efa sqlgrey]# update_sqlgrey_config
updating /etc/sqlgrey/clients_fqdn_whitelist:
--- /etc/sqlgrey/clients_fqdn_whitelist 2015-02-26 18:45:56.317999767 -0800
+++ clients_fqdn_whitelist 2016-06-27 08:02:37.000000000 -0700
@@ -100,6 +100,14 @@
# GL-group: no retry
mail.gl-group.com
+# StartSSL: no retry
+*.startcom.org
+*.startssl.com
+
+# Outlook.com users, retries do not come from the same server.
+*.outbound.protection.outlook.com
+
+
# Do not add anything here (this file can be overwritten by SQLgrey updates and
# update_sqlgrey_config), create a "clients_fqdn_whitelist.local" file
# and add your own entries in there
updating /etc/sqlgrey/smtp_server.regexp:
--- /etc/sqlgrey/smtp_server.regexp 2015-02-26 18:45:56.422999767 -0800
+++ smtp_server.regexp 2005-03-01 16:29:45.000000000 -0800
@@ -1 +1 @@
-^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|v?smtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]
\ No newline at end of file
+^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|v?smtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]
[root@efa sqlgrey]#
Re: Greylisting problem
I'll add a feature suggestion for EFA to run this comand on a certain say weekly schedule?
Re: Greylisting problem
It would also be a nice feature to have the SQLGrey Webinterface have options to add/delete entries in /etc/sqlgrey/clients_ip_whitelist.local and /etc/sqlgrey/clients_fqdn_whitelist.local . . . .
Last edited by dbrunt on 02 Mar 2017 20:41, edited 1 time in total.
Re: Greylisting problem
Good point! You might want to raise that issue with the guys who made the web interface, go to EFA => Greylisting and look towards the bottom where it says:
QLGrey webinterface v 1.1.6 by folkert@vanheusden.com and Jan Ceulen | BeeBeeC
email and URLs are there.
QLGrey webinterface v 1.1.6 by folkert@vanheusden.com and Jan Ceulen | BeeBeeC
email and URLs are there.