SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0004232: Enabling Greylisting in Endian 2.5 blocks incoming mail - MantisBT
MantisBT - Endian Firewall
View Issue Details
0004232Endian FirewallProxy SMTPpublic2012-01-02 21:482012-01-05 09:55
Sota 
davide-endian 
normalmajoralways
resolvedfixed 
2.4.1 
 
0004232: Enabling Greylisting in Endian 2.5 blocks incoming mail
Clean install of Endian 2.5. If I configure the SMTP proxy and enable the Greylisting anti-spam feature, incoming mail is blocked and the sending server receives the following:

SMTP -> FROM SERVER:
451 4.3.5 Server configuration problem
SMTP -> ERROR: RCPT not accepted from server: 451 4.3.5 Server configuration problem
Turning off the greylisting and restarting the SMTP proxy clears the problem.
No tags attached.
txt maillog.txt (6,036) 2012-01-04 21:47
https://bugs.endian.com/file_download.php?file_id=899&type=bug
? main.cf (2,214) 2012-01-04 21:48
https://bugs.endian.com/file_download.php?file_id=900&type=bug
? postgrey.conf (487) 2012-01-04 21:48
https://bugs.endian.com/file_download.php?file_id=901&type=bug
Issue History
2012-01-02 21:48SotaNew Issue
2012-01-03 14:29christian-endianStatusnew => acknowledged
2012-01-03 15:31davide-endianNote Added: 0007595
2012-01-03 15:31davide-endianAssigned To => davide-endian
2012-01-03 15:31davide-endianStatusacknowledged => feedback
2012-01-03 17:14SotaNote Added: 0007597
2012-01-04 16:50davide-endianNote Added: 0007602
2012-01-04 21:47SotaFile Added: maillog.txt
2012-01-04 21:48SotaFile Added: main.cf
2012-01-04 21:48SotaFile Added: postgrey.conf
2012-01-04 21:49SotaNote Added: 0007603
2012-01-05 09:55davide-endianNote Added: 0007605
2012-01-05 09:55davide-endianStatusfeedback => resolved
2012-01-05 09:55davide-endianResolutionopen => fixed

Notes
(0007595)
davide-endian   
2012-01-03 15:31   
Unable to reproduce; I've enabled greylisting and tried with:
- only some Whitelist recipient,
- only some Whitelist client,
- both of the above at the same time.

The smtp proxy was always able to deliver emails.

Is it possible to have the details of the configuration?

Thanks!
(0007597)
Sota   
2012-01-03 17:14   
The problem is with receiving e-mail. The error message I quote above is what the remote SMTP server gets when it tried to deliver e-mail to the Endian box. The SMTP proxy is set to "Active" on RED and "Transparent" on Green.
The configuration is a duplicate of what I had on 2.4.1 and I've wiped and reinstalled the software twice with the same result.
(0007602)
davide-endian   
2012-01-04 16:50   
Thank you very much for the information.
I've reproduced your environment as much as possible, but still can't get the error under no circumstances.

If possible, you can provide your /etc/postfix/main.cf and /etc/postfix/postgrey.conf (having care to remove any information you don't want to be made public).

Another thing that you can try, is to check if postgrey is really running:
    ps faux | grep postgrey


As a last resort, you can try this:
1. stop postgrey.
2. _move_ any file under /var/spool/postfix/postgrey/ to another directory.
3. restart postgrey.

it's possible that the postgrey db is corrupted.
(0007603)
Sota   
2012-01-04 21:49   
Files uploaded as requested as wall as section from /var/log/maillog showing test mail arriving first with greylisting off and then with it on.

Postgrey service seems to be running, but there are no files in /var/spool/postfix/postgrey/
(0007605)
davide-endian   
2012-01-05 09:55   
A wrong value of the greylist-text parameter in /etc/postfix/postgrey.conf prevented postgrey to start.

Thank you very much for the report; the problem should be fixed in the upcoming efw-smtpscan 2.7.6 package.