>you can notice that the address is whitelisted but still blocked as spam by DNSBL
I can't see it ! There are no lines before Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] [DNSBL] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae [scoring] (DNSBL: neutral, 210.118.77.13 listed in (l2.apews.org<-127.0.0.2; )) posted Thomas Von: Nadeem Abdulla <nadeem.abdu...@abaninvestment.com> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 13.10.2014 09:09 Betreff: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL Hi Thomas, 'NotGreedyWhitelist' is set to (1) = "check all addresses" ; I think this option should allow to bypass the email if any of the addresses are whitelisted. If you see the logs in my first email below; you can notice that the address is whitelisted but still blocked as spam by DNSBL. Regards, Nadeem -----Original Message----- From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com] Sent: Monday, October 13, 2014 10:51 AM To: ASSP development mailing list Subject: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL >But still for some emails with whitelisted sender address; they are >still being checked for DNSBL and blocked as spam. This is not possible! At least and last, the decision if a mail is processed as whitelisted depends on the setting of 'NotGreedyWhitelist' ! If no redlisted recipient is found and if a sender address or domain is detected as whitelisted and the mail matches the rule defined in 'NotGreedyWhitelist' at the moment the mail comes in - the DNSBL/RBL check will never be done. If a whitelisted sender or domain is found, you'll see any of the following lines in the log: Whitelisted sender Domain: .... Whitelisted sender address: ... for recipient ... If 'NotGreedyWhitelist' is set to (2) = "only consider whitelisted if ALL match" and a not whitelisted address is found, the log will show: found NOT whitelisted sender address: .... not all senders addresses are whitelisted - not white (NotGreedyWhitelist) Thomas Von: Nadeem Abdulla <nadeem.abdu...@abaninvestment.com> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 13.10.2014 07:33 Betreff: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL Hi Thomas, For me this option is not set or checked[Whitelisted DNSBL Validation (RBLWL)]. But still for some emails with whitelisted sender address; they are still being checked for DNSBL and blocked as spam. Kindly advise what could be wrong? Regards, Nadeem -----Original Message----- From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com] Sent: Monday, October 13, 2014 9:09 AM To: ASSP development mailing list Subject: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL >if the sender address is whitelisted DNSBL should not be checked, right? Yes, if 'RBLWL' is not set. Thomas Von: Nadeem Abdulla <nadeem.abdu...@abaninvestment.com> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 12.10.2014 07:52 Betreff: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL Hi Thomas, Thank you for your reply. As you can see in the below log the sender address is also whitelisted. * Whitelisted Domains<http://172.29.1.109:55555/#whiteListedDomains>: 'amar...@partner.samsung.com'<javascript:void(0);> Please correct me if I am wrong; if the sender address is whitelisted DNSBL should not be checked, right? Regards, Nadeem -----Original Message----- From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com] Sent: Sunday, October 12, 2014 9:17 AM To: ASSP development mailing list Subject: Re: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL >Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] [DNSBL] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae [scoring] (DNSBL: neutral, 210.118.77.13 listed in (l2.apews.org<-127.0.0.2; )) >Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae Regex:White 'Gulf Commercial Group' >Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae Regex:Noprocessing 'Gulf Commercial Group' The DNSBL check is a header check - so it is done after the mail header is received. At this time the mail is still NOT whitelisted! Your white regex matches in the body. ASSP does NOT back trace previously finished checks, if a mail is tagged as whitelisted or noprocessing (or other) because of the mail content. Thomas Von: Nadeem Abdulla <nadeem.abdu...@abaninvestment.com> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 02.10.2014 09:59 Betreff: [Assp-test] Whitelisted Domain | still getting blocked by DNSBL Hi, Good Day! Please see the below logs. The address is whitelisted still it is getting blocked as spam by DNSBL. * Whitelisted Domains<http://172.29.1.109:55555/#whiteListedDomains>: 'amar...@partner.samsung.com'<javascript:void(0);> * Whitelisted Domains<http://172.29.1.109:55555/#whiteListedDomains>: 'mustafa...@partner.samsung.com'<javascript:void(0);> * Whitelisted Domains<http://172.29.1.109:55555/#whiteListedDomains>: 'aha...@partner.samsung.com'<javascript:void(0);> * Whitelisted Domains<http://172.29.1.109:55555/#whiteListedDomains>: 'red...@partner.samsung.com'<javascript:void(0);> * SPF-check returned OK for 172.29.1.106 -> amar...@partner.samsung.com< javascript:void(0);>, witness.ghobash.local * White RE<http://172.29.1.109:55555/#whiteRe>: 'Gulf Commercial Group' * matching whiteRe(Gulf Commercial Group): 'Gulf Commercial Group' * No Processing RE<http://172.29.1.109:55555/#npRe>: 'Gulf Commercial Group' * matching npRe(Gulf Commercial Group): 'Gulf Commercial Group' * URIBL check<http://172.29.1.109:55555/#ValidateURIBL>: 'OK' * Valid Format of HELO<http://172.29.1.109:55555/#DoValidFormatHelo>: 'witness.ghobash.local' * IP in Helo check<http://172.29.1.109:55555/#DoIPinHelo>: 'OK' * 203.254.199.212<javascript:void(0);> is in PB Black< http://172.29.1.109:55555/#pbdb>: score:17, last event - DNSBLneutral * 203.254.199.245<javascript:void(0);> is in PB Black< http://172.29.1.109:55555/#pbdb>: score:34, last event - DNSBLneutral * 210.118.77.13<javascript:void(0);> is in PB Black< http://172.29.1.109:55555/#pbdb>: score:17, last event - DNSBLneutral * 172.29.1.106 is in PB White<http://172.29.1.109:55555/#pbdb> * RBLCacheCheck returned OK for 106.141.250.2<javascript:void(0);>: inserted as ok at 2014-10-02 11:27:12 * RBLCacheCheck returned OK for 203.254.199.212<javascript:void(0);>: inserted as not ok at 2014-10-02 11:27:13 , listed by l2.apews.org{127.0.0.2} - message score: 17 * RBLScore: l2.apews.org -> 127.0.0.2 -> 17 * RBLCacheCheck returned OK for 203.254.199.245<javascript:void(0);>: inserted as not ok at 2014-10-02 11:27:13 , listed by l2.apews.org{127.0.0.2} - message score: 17 * RBLScore: l2.apews.org -> 127.0.0.2 -> 17 * RBLCacheCheck returned OK for 210.118.77.13<javascript:void(0);>: inserted as not ok at 2014-10-02 11:27:13 , listed by l2.apews.org{127.0.0.2} - message score: 17 * RBLScore: l2.apews.org -> 127.0.0.2 -> 17 * RBLCheck returned OK for 172.29.1.106: * 172.29.1.106 is in PTRCache: status=PTR OK - sonic.ghobash.com. * RWLcheck returned OK for 172.29.1.106 : status=unknown Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] [DNSBL] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae [scoring] (DNSBL: neutral, 210.118.77.13 listed in (l2.apews.org<-127.0.0.2; )) Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae Regex:White 'Gulf Commercial Group' Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae Regex:Noprocessing 'Gulf Commercial Group' Oct-02-14 11:27:13 m1-34830-04906 [Worker_1] [MessageLimit] 172.29.1.106 <amar...@partner.samsung.com> to: kannan.ramakrish...@gcg.ae [spam found] (MessageScore 51, limit 50) [5107007237 Mrs Erlin Oriendo 0522448213] -> discarded/5107007237_Mrs_Erlin_Oriendo_0522448213--101941.eml; Regards, Nadeem Abdulla ICT Administrator Ghobash Trading & Investment Co. Ltd Makeen Building, Airport Road Dubai, United Arab Emirates Dubai P.O.Box 2929, Office : +971-04-2999440 ,Extn:5215 M: +971504216865 www.ghobashgroup.com<http://www.ghobashgroup.com/> Disclaimer The information transmitted in this email, including all attached files, is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any access to this information by anyone other than the intended recipient(s) is unauthorized and strictly prohibited. ABAN INVESTMENT LLC. <http://www.abaninvestment.com/> ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://p.sf.net/sfu/Zoho _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
