Difference between revisions of "Email Whitelist-Blacklist Control"
m |
|||
(17 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
+ | {{Languages}} | ||
+ | |||
===Maintainer=== | ===Maintainer=== | ||
− | Originally developed by Darrell May. | + | Originally developed by Darrell May.<br /> |
− | + | [mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br /> | |
+ | |||
+ | === Version === | ||
+ | {{ #smeversion: smeserver-wbl }} | ||
===Description=== | ===Description=== | ||
Line 18: | Line 23: | ||
1. Install package: | 1. Install package: | ||
+ | *'''For SME 8''' | ||
yum --enablerepo smecontribs install smeserver-wbl | yum --enablerepo smecontribs install smeserver-wbl | ||
+ | * '''For SME 9''' | ||
+ | yum install --enablerepo=smecontribs smeserver-wbl | ||
− | 2. Reconfigure machine: | + | 2. Reconfigure machine: |
+ | signal-event console-save | ||
+ | or if you prefer to reboot your server | ||
signal-event post-upgrade; signal-event reboot | signal-event post-upgrade; signal-event reboot | ||
− | Once you do this a new menu item will be visable in the Server-Manager on the left hand side, called E-mail WBL. Clicking on this will present you with | + | Once you do this a new menu item will be visable in the Server-Manager on the left hand side, called E-mail WBL. Clicking on this will present you with 2 buttons. |
'''E-mail WBL''' | '''E-mail WBL''' | ||
E-mail traffic is scanned and may be blocked due to the various screening methods enabled. | E-mail traffic is scanned and may be blocked due to the various screening methods enabled. | ||
You may use this panel to define e-mail white/black lists. | You may use this panel to define e-mail white/black lists. | ||
Black lists are used for rejecting e-mail traffic. | Black lists are used for rejecting e-mail traffic. | ||
− | '''[ | + | '''[Black List]''' |
White lists are used for accepting e-mail traffic. | White lists are used for accepting e-mail traffic. | ||
− | '''[ | + | '''[White List]''' |
− | |||
− | |||
− | |||
− | If you press the | + | If you press the Black List button you will see the following window. |
[[File:email-Reject.jpg]] | [[File:email-Reject.jpg]] | ||
− | If you press the | + | If you press the White List button you will see the following window. |
− | [[File:Email-accept.jpg]] | + | [[File:Email-accept.jpg|842px]] |
− | And finally If you press the | + | And finally If you press the SAVE button you will simply be presented with one button to; |
Execute the email-update event now to restart services and load in your changes. | Execute the email-update event now to restart services and load in your changes. | ||
This will apply any of the changes you made in the Reject or Accept windows. | This will apply any of the changes you made in the Reject or Accept windows. | ||
− | |||
===Usage Examples=== | ===Usage Examples=== | ||
− | Black Lists: REJECT | + | ====Black Lists: REJECT==== |
The '''qpsmtpd badhelo''' is effective in examining the SMTP HELO string and then block mail based on this string. Entries follow the following format. | The '''qpsmtpd badhelo''' is effective in examining the SMTP HELO string and then block mail based on this string. Entries follow the following format. | ||
Line 60: | Line 66: | ||
Now simply add the IP address you found in the HELO line. | Now simply add the IP address you found in the HELO line. | ||
123.111.123.321 | 123.111.123.321 | ||
+ | |||
+ | Badmailfrom | ||
+ | @host or user@host | ||
+ | |||
+ | ====White Lists: ACCEPT==== | ||
+ | |||
+ | Whitelisthosts - see this post http://forums.contribs.org/index.php/topic,51429.0.html | ||
+ | |||
+ | Single IP | ||
+ | 192.168.10.1 | ||
+ | |||
+ | Subnets | ||
+ | 192.168.10. (be careful - with no trailing . you match 192.168.100 - 192.168.109. ) | ||
+ | 192.168 | ||
+ | |||
+ | WhitelistHELO | ||
+ | host.domain.com | ||
+ | |||
+ | Whitelistsenders | ||
+ | joe@foo.com | ||
+ | foo.com | ||
=== Known Issues === | === Known Issues === | ||
+ | |||
+ | See bugs below | ||
=== Bugs === | === Bugs === | ||
Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-wbl|title=bugzilla}}. | Please raise bugs under the SME Contribs section in {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-wbl|title=bugzilla}}. | ||
− | + | {{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-wbl |noresultsmessage="No open bugs found."}} | |
---- | ---- | ||
[[Category: Contrib]] | [[Category: Contrib]] | ||
[[Category: Mail]] | [[Category: Mail]] | ||
[[Category: Administration:Content Spam Virus Blocking]] | [[Category: Administration:Content Spam Virus Blocking]] |
Revision as of 22:16, 17 November 2019
Maintainer
Originally developed by Darrell May.
stephdl Stéphane de Labrusse AKA Stephdl
Version
Description
This contrib provides a server-manager panel to designate user defined email whitelists and blacklists.
An email whitelist is a list of hosts, domains, or email addresses which will be accepted by SME Server regardless of possible spam content or origin. Administrators should use caution when using whitelists as email coming from whitelisted addresses will bypass many of the mechanisms that SME provides for identifying unsafe email messages.
An email blacklist is a list of hosts, domains, or email addresses that will be blocked all of the time.
Installation
Install of the lastest Email Whitelist-Blacklist package is from the smecontribs repo:
1. Install package:
- For SME 8
yum --enablerepo smecontribs install smeserver-wbl
- For SME 9
yum install --enablerepo=smecontribs smeserver-wbl
2. Reconfigure machine:
signal-event console-save
or if you prefer to reboot your server
signal-event post-upgrade; signal-event reboot
Once you do this a new menu item will be visable in the Server-Manager on the left hand side, called E-mail WBL. Clicking on this will present you with 2 buttons.
E-mail WBL E-mail traffic is scanned and may be blocked due to the various screening methods enabled. You may use this panel to define e-mail white/black lists. Black lists are used for rejecting e-mail traffic. [Black List] White lists are used for accepting e-mail traffic. [White List]
If you press the Black List button you will see the following window.
If you press the White List button you will see the following window.
And finally If you press the SAVE button you will simply be presented with one button to;
Execute the email-update event now to restart services and load in your changes.
This will apply any of the changes you made in the Reject or Accept windows.
Usage Examples
Black Lists: REJECT
The qpsmtpd badhelo is effective in examining the SMTP HELO string and then block mail based on this string. Entries follow the following format.
something.a.somehost.com
To find the proper string to enter on the qpsmtp badhelo line. 1. Open an offending email. 2. Open the header of the email. 3. Look for a line that says, (HELO something.a.somehost.com) Partial strings will not work, E.G. in the previous example somehost.com will not work. It must be the complete HELO string.
Alternatively you may use the ip address. Again look in the header for the Helo line. It may look something like this,
Received: from smtprelay0207.c.somehost.com (HELO smtprelay.c.somehost.com) (123.111.123.321) Now simply add the IP address you found in the HELO line.
123.111.123.321
Badmailfrom
@host or user@host
White Lists: ACCEPT
Whitelisthosts - see this post http://forums.contribs.org/index.php/topic,51429.0.html
Single IP
192.168.10.1
Subnets
192.168.10. (be careful - with no trailing . you match 192.168.100 - 192.168.109. ) 192.168
WhitelistHELO
host.domain.com
Whitelistsenders
joe@foo.com foo.com
Known Issues
See bugs below
Bugs
Please raise bugs under the SME Contribs section in bugzilla .
ID | Product | Version | Status | Summary (6 tasks) ⇒ |
---|---|---|---|---|
12649 | SME Contribs | 11.0 | CONFIRMED | SME11 remove /etc/e-smith/templates/var/service/qpsmtpd/config/badmailfrom |
10472 | SME Contribs | Futur | CONFIRMED | NFR Add subnet checking to whitelist hosts |
10117 | SME Contribs | Futur | CONFIRMED | add support for URIBL |
9276 | SME Contribs | 8.2 | CONFIRMED | design and documentation of qpsmtpd wbl vs spamassassin white or black lists |
9275 | SME Contribs | 8.2 | CONFIRMED | wbl whitelist status switch does nothing in server manager |
4664 | SME Contribs | 7.3 | CONFIRMED | Redesign wbl dbase to improve efficiency |