Re: [qmailtoaster] spamdyke spf block - whitelist not working

Mon, 24 Jul 2023 06:10:57 -0700 

Leonardo,

Did you see the option to block DNS? Or did you try this?


   DNS Whitelists


     |dns-whitelist-entry|
     |dns-whitelist-file|
     |rhs-whitelist-entry|
     |rhs-whitelist-file|
spamdyke has the ability to consult DNS whitelists and allow connections from hosts or senders who match entries on them. DNS whitelists are essentially DNS RBLs and DNS RHSBLs that list allowed IP addresses and domain names instead of blocked ones. All of the same cautionary statements apply to DNS whitelists as to DNS blacklists. SeeDNS RBLs <https://www.spamdyke.org/documentation/README.html#DNSRBL>andDNS RHSBLs <https://www.spamdyke.org/documentation/README.html#DNSRHSBL>for details.
To use a DNS Realtime Whitelist (the opposite of a DNS RBL), the option|dns-whitelist-entry|should be given. To use a DNS Righthand-side Whitelist, the option|rhs-whitelist-entry|should be given. By default, spamdyke does not use a DNS whitelist. If either option is given multiple times, each list will be consulted before the connection is blocked.
If more than a few lists are given, the|dns-whitelist-file|or|rhs-whitelist-file|options may be used to provide the lists in files.
*NOTE: Checking DNS whitelists can impose a serious performance penalty. Using more than three DNS whitelists is not recommended.* 

*
*

*
*

On 7/24/2023 6:23 AM, Leonardo Porto wrote:


Hello there,
My Toaster is blocking a customer domain because they are sending messages from a Google server that is not allowed in their SPF policy:
Jul 21 10:28:45 app1 spamdyke[24853]: DENIED_OTHER from: [email protected] to: user@mydomain origin_ip: 209.85.215.172 origin_rdns: mail-pg1-f172.google.com auth: (unknown) encryption: TLS reason: 550_See_http://spf.pobox.com/why.html?sender=person%40jeduca.org.br&ip=209.85.215.172&receiver=myserver_(#5.7.1) 

As you can see at their SPF checking:

https://www.spf-record.com/spf-lookup/jeduca.org.br?ip=209.85.215.172
Everytime they send a messagem it comes from a diverse IP so I tried to whitelist them at /etc/spamdyke/whitelist_senders putting one sender per line but it did not work. 

Do you guys have any adivise?

qmail-1.03-3.1.qt.el7.x86_64
spamdyke 5.0.1+TLS+CONFIGTEST+DEBUG
Centos 7

Reply via email to