Thanks, but I may not have been clear enough in my original post. I'm
using a database to maintain my blacklist and whitelist. Whenever I make
changes, I export them in a format for bind to use replacing the two
zone files completely, and then relying on blacklist and whitelist DNS
lookups to accept or reject emails.
My RBLWL is off.
denySMTPConnectionsFrom is a file with just a couple of lines in it.
denySMTPConnectionsFromAlways is the default file that comes with ASSP -
I haven't made any changes to it.
Again, I'm trying to do this completely using DNS based blacklisting and
whitelisting.
Thanks.
Farokh
----------------------------------------------------------------------------
Best Tech Service, LLC- When only the Best will do...
For all your technology needs including hosting solutions.
Cell: 914-262-1594
Like us on facebook: https://www.facebook.com/besttechsvc
Thomas Eckardt wrote:
check
- RBLWL
- denySMTPConnectionsFrom
- denySMTPConnectionsFromAlways
>What I will do is add a range of IPs to the blacklist (say a /24 or
/16) and then whitelist specific IPs within that range.
I don't recommend to do it this way.
Let's say you added 10.0.0.0/8 to denySMTPConnectionsFrom and you use
the IP action dialog to remove 10.1.1.1 from this list, assp will
modify this line in to
##########
# modified - removed: 10.1.1.1 from >10.0.0.0/8<
# low CIDR: 10.0.0.0/16 10.1.0.0/24 10.1.1.0/32
# high CIDR: 10.1.1.2/31 10.1.1.4/30 10.1.1.8/29 10.1.1.16/28
10.1.1.32/27 10.1.1.64/26 10.1.1.128/25 10.1.2.0/23 10.1.4.0/22
10.1.8.0/21 10.1.16.0/20 10.1.32.0/19 10.1.64.0/18 10.1.128.0/17
10.2.0.0/15 10.4.0.0/14 10.8.0.0/13 10.16.0.0/12 10.32.0.0/11
10.64.0.0/10 10.128.0.0/9
##########
10.0.0.0-10.1.1.0
10.1.1.2-10.255.255.255
So keep your lists logical clean!
Thomas
Von: Farokh <[email protected]>
An: [email protected]
Datum: 15.03.2017 18:13
Betreff: [Assp-user] Blacklist vs Whitelist...
------------------------------------------------------------------------
Good day everyone.
I'm fairly new to ASSP but am setting it up to replace an existing
(but no longer supported) spam solution I've been using.
My question concerns using DNS based blacklists and whitelists. I have
two sets of DNS based lists running on bind. One is a blacklist and
one is a whitelist. What I will do is add a range of IPs to the
blacklist (say a /24 or /16) and then whitelist specific IPs within
that range. For example (using non-routeable IPs):
Blacklist - 10.0.0.0/8
Whitelist - 10.100.23.15/32
ASSP flags anything coming from 10.100.23.15 as spam, even though it's
whitelisted. When I run the real IP through the mail analyzer, I get
the following (replacing the actual IP with 10.100.23.15):
• URIBL check: 'OK'
• RBLCacheCheck returned OK for 10.100.23.15: inserted as not ok at
2017-03-15 11:58:22 , listed by bl.mcf.com{127.0.0.2} - message score: 10
• RBLScore: bl.mcf.com -> 127.0.0.2 -> 10
• 10.100.23.15 is in PTRCache: status=PTR OK - mail.tcmsp.net
• 10.100.23.15 is in RWLCache: status=not listed
• 10.100.23.15 SenderBase: status=not classified, ...
If I use nslookup to lookup ip address in the whitelist, I get a
127.0.0.3 return value, which is what I expect.
Do I have something configured incorrectly that is preventing the
whitelist from overriding the blacklist?
Any pointers would be appreciated.
Thanks.
Farokh
----------------------------------------------------------------------------
Best Tech Service, LLC - When only the Best will do...
For all your technology needs including hosting solutions.
Cell: 914-262-1594
Like us on facebook: _https://www.facebook.com/besttechsvc_
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
http://sdm.link/slashdot_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential,
legally privileged and protected in law and are intended solely for
the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
