check
- RBLWL
- denySMTPConnectionsFrom
- denySMTPConnectionsFromAlways
>What I will do is add a range of IPs to the blacklist (say a /24 or /16)
and then whitelist specific IPs within that range.
I don't recommend to do it this way.
Let's say you added 10.0.0.0/8 to denySMTPConnectionsFrom and you use the
IP action dialog to remove 10.1.1.1 from this list, assp will modify this
line in to
##########
# modified - removed: 10.1.1.1 from >10.0.0.0/8<
# low CIDR: 10.0.0.0/16 10.1.0.0/24 10.1.1.0/32
# high CIDR: 10.1.1.2/31 10.1.1.4/30 10.1.1.8/29 10.1.1.16/28 10.1.1.32/27
10.1.1.64/26 10.1.1.128/25 10.1.2.0/23 10.1.4.0/22 10.1.8.0/21
10.1.16.0/20 10.1.32.0/19 10.1.64.0/18 10.1.128.0/17 10.2.0.0/15
10.4.0.0/14 10.8.0.0/13 10.16.0.0/12 10.32.0.0/11 10.64.0.0/10
10.128.0.0/9
##########
10.0.0.0-10.1.1.0
10.1.1.2-10.255.255.255
So keep your lists logical clean!
Thomas
Von: Farokh <far...@besttechsvc.com>
An: assp-user@lists.sourceforge.net
Datum: 15.03.2017 18:13
Betreff: [Assp-user] Blacklist vs Whitelist...
Good day everyone.
I'm fairly new to ASSP but am setting it up to replace an existing (but no
longer supported) spam solution I've been using.
My question concerns using DNS based blacklists and whitelists. I have two
sets of DNS based lists running on bind. One is a blacklist and one is a
whitelist. What I will do is add a range of IPs to the blacklist (say a
/24 or /16) and then whitelist specific IPs within that range. For example
(using non-routeable IPs):
Blacklist - 10.0.0.0/8
Whitelist - 10.100.23.15/32
ASSP flags anything coming from 10.100.23.15 as spam, even though it's
whitelisted. When I run the real IP through the mail analyzer, I get the
following (replacing the actual IP with 10.100.23.15):
• URIBL check: 'OK'
• RBLCacheCheck returned OK for 10.100.23.15: inserted as not ok at
2017-03-15 11:58:22 , listed by bl.mcf.com{127.0.0.2} - message score: 10
• RBLScore: bl.mcf.com -> 127.0.0.2 -> 10
• 10.100.23.15 is in PTRCache: status=PTR OK - mail.tcmsp.net
• 10.100.23.15 is in RWLCache: status=not listed
• 10.100.23.15 SenderBase: status=not classified, ...
If I use nslookup to lookup ip address in the whitelist, I get a 127.0.0.3
return value, which is what I expect.
Do I have something configured incorrectly that is preventing the
whitelist from overriding the blacklist?
Any pointers would be appreciated.
Thanks.
Farokh
----------------------------------------------------------------------------
Best Tech Service, LLC - When only the Best will do...
For all your technology needs including hosting solutions.
Cell: 914-262-1594
Like us on facebook: https://www.facebook.com/besttechsvc
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
