Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsbl ignores dns_whitelist_soft #203

Open
salvis opened this issue Jan 25, 2015 · 3 comments
Open

dnsbl ignores dns_whitelist_soft #203

salvis opened this issue Jan 25, 2015 · 3 comments

Comments

@salvis
Copy link
Contributor

salvis commented Jan 25, 2015

Here's what I'm seeing in 7-debug-2015-01-22_121515.log:

dns_whitelist_soft
waiting for whitelist dns
done waiting for whitelist dns, got 1 answers ...
name 18.208.239.213.list.dnswl.org
got txt record
Host 213.239.208.18 is whitelisted: hoststar.ch http://dnswl.org/s?s=2441
Plugin dns_whitelist_soft, hook rcpt returned DECLINED,
dnsbl
...
naughty
disconnecting
Plugin naughty, hook data returned DENYHARD, Listed http://www.spamsources.fabel.dk/ip/213.239.208.18

Is it possible to get dnsbl to respect dns_whitelist_soft?

Hans
@reetp
Copy link

reetp commented Aug 18, 2016
edited
Loading

Not sure if this is massively relevant BUT... I had a similar issue on an older version of qpsmtpd where dnsbl would not respect whitelists. Each plugin generates information, but does not check others.

I added some bits to the dnsbl plugin in the sub hook_rcpt section that might assist (this is just a pointer - don't read it as gospel !):

Check for whitelisthelo from whitelist_soft

my $whitehelo = $connection->notes('whitelisthelo');
if ($whitehelo) {
  $self->log(LOGINFO, "Whitelisthelo found $whitehelo");
  return OK;
  }
else {
  $self->log(LOGINFO, "Whitelisthelo not found");
}

Check for whitelistsender from whitelist_soft

my $whitesender = $transaction->notes('whitelistsender');
if ($whitesender) {
  $self->log(LOGINFO, "Whitelistsender found $whitesender");
  return OK;
  }
else {
  $self->log(LOGINFO, "Whitelistsender not found");
 }

Personally I think that all plugins should honour white/black lists.

Note that your issue seems to be with the naughty plugin but you could get them both to respect whitelists as above.

@msimerson
Copy link
Member

msimerson commented Feb 21, 2017
edited
Loading

I think that all plugins should honour white/black lists.

That would be convenient, but #223 is what happens when that thought is taken too far.. ;)

@reetp
Copy link

reetp commented Feb 21, 2017

I'm sure every plugin could have its exceptions :-)

At the end of the day it is up to the admin to decide what he wants to pass or block. Getting plugins to honour whitelists is a tool. The admin is the arbiter.

Perhaps some sort of switch per plugin ? Or a conf file 'whitelist enable for plugin x y z'

It still goes back to having code per plugin that will read/honour whitelist output as per my scrappy example above.

Just thinking out loud.

Might save a lot of head scratching with people who enable whitelists but then do not understand why they do no seem to work.....

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@msimerson @salvis @reetp