SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
|Anonymous | Login||2020-01-17 19:44 UTC|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000273||Endian Firewall||GUI||public||2007-10-17 15:03||2011-04-21 13:18|
|Target Version||Fixed in Version||2.2-beta1|
|Summary||0000273: SMTP SASL authentication gets overriden by RBLs|
|Description||When SASL authentication is turned on (IMAP Server for SMTP authentication on Advanced Tab) the daemon runs and authenticates remote clients properly.|
Nevertheless the connection gets rejected due to e.g. a DUL RBL.
Postfix main.cf should have permit_sasl_authenticated before the RBL entries:
smtpd_client_restrictions = check_client_access cidr:/etc/postfix/client_rules,
permit_sasl_authenticated,reject_rbl_client cbl.abuseat.org,reject_rbl_client du
|Additional Information||Change /usr/local/bin/restartsmtpd.py|
diff restartsmtpd.py restartsmtpd.py.ORG
< # (WDS) SASL Auth check will be enabled, allow authenticated clients:
< if config_values.has_key('smtpd_imap_auth_enabled') and config_values.has_key('imap_auth_server') and config_values['smtpd_imap_auth_enabled'] == '1':
< config_values['smtpd_client_restrictions'] += ", permit_sasl_authenticated"
|Tags||No tags attached.|
this makes sense. i added it
thank you very much!
I have a similar issue on Endian Firewall Appliance release 2.4-0 (Deployset #0) full patched. While accessing smtp service from outside clients gets classified as SPAM.
Most of the score is due to firewall is ignoring authenticated client.
I also took a look into main.cf. There is no statment about exemptions for
sasl authenticated clients.
Pkte Regelname Beschreibung
---- ---------------------- --------------------------------------------------
0.0 FSL_HELO_NON_FQDN_1 FSL_HELO_NON_FQDN_1
0.2 MULTIPART_ALTERNATIVE Multipart/Alternative
2.0 RCVD_NONFQDN_HELO Received: a non FQDN HELO
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[220.127.116.11 listed in zen.spamhaus.org]
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[18.104.22.168 listed in bb.barracudacentral.org]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
[22.214.171.124 listed in bl.score.senderscore.com]
0.0 HTML_MESSAGE BODY: Nachricht enthält HTML
0.8 BAYES_50 BODY: Spamwahrscheinlichkeit nach Bayes-Test: 40-60%
0.0 HELO_NO_DOMAIN Relay reports its domain incorrectly
1.5 RDNS_DYNAMIC3 Delivered to trusted network by host with
2.8 DOS_OUTLOOK_TO_MX Delivered direct to MX with Outlook headers
-0.3 AWL AWL: From: address is in the auto white-list
in your case you should play with whitelist rules and RBL as the mails are *always* checked for spam, it happens many times that an internal PC (let's say on grean) is infected by a virus and begins spamming from inside, so if this is the case from inside than of course for outside the security is more restrictive.
yes, that's true but it's not a point.
Most of the SPAM Score is due to sender is submitting mail from an unauthorized ip address. RBL checks in that case doesnt make sense, eighter HELO NON FQDN and OUTLOOK TO MX. All this is related to valid MTA but not to User Agents, that are authenticated and authorized to submit email via efw smtp proxy.
Please review the Scores above.
Whitelisting is in my opinion not a right solution. By whitelisting a sender one opens a door for faked sender address. This is commonly used by spammers: from is the same as to.
|2007-10-17 15:03||wolfS||New Issue|
|2007-10-17 15:34||peter-endian||Status||new => resolved|
|2007-10-17 15:34||peter-endian||Resolution||open => fixed|
|2007-10-17 15:34||peter-endian||Assigned To||=> peter-endian|
|2007-10-17 15:34||peter-endian||Note Added: 0000534|
|2007-10-27 17:14||peter-endian||Status||resolved => closed|
|2007-10-27 17:14||peter-endian||Fixed in Version||=> 2.2|
|2011-04-05 14:18||jzdrzalek||Note Added: 0006079|
|2011-04-05 14:18||jzdrzalek||Status||closed => feedback|
|2011-04-05 14:18||jzdrzalek||Resolution||fixed => reopened|
|2011-04-21 12:36||ardit-endian||Note Added: 0006143|
|2011-04-21 13:18||jzdrzalek||Note Added: 0006144|
|Copyright © 2000 - 2012 MantisBT Group|