Atomicorp

Posted: **Mon Sep 05, 2011 4:46 am**

I hope someone can help with interpretation of the reason for a recent rejection on Greylisting. An external email address was trying to send email to one of our hosted domains and being rejected.

It appears to me that it may be because the mail server IP address looks like it differs in 2 parts and one of them might even be a dynamic IP address. But Greylisting is discarding the email address. Can someone suggest how we can allow these emails to get through?

Aug 31 12:02:39 plesk3 /var/qmail/bin/relaylock[8957]: /var/qmail/bin/relaylock: mail from 94.136.63.184:58801 (lvps94-136-63-184.vps.webfusion.co.uk)
Aug 31 12:02:40 plesk3 spamd[1300]: spamd: result: . 0 - BAYES_00,FH_HELO_EQ_D_D_D_D,HELO_DYNAMIC_IPADDR,RDNS_DYNAMIC scantime=0.4,size=135533,user=qscand,uid=110,required_score=3.0,rhost=localhost,raddr=127.0.0.1,rport=/tmp/spamd_full.sock,mid=<000001cc67cc$fbcf5500$f36dff00$@vividdesignstudio.co.uk>,bayes=0.000000,autolearn=no
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: Handlers Filter before-queue for qmail started ...
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: from=malcolm@vividdesignstudio.co.uk
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: to=gs@hosted-domain.co.uk
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: hook_dir = '/usr/local/psa/handlers/before-queue'
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: call_handlers: call executable = '/usr/local/psa/handlers/info/05-grey-zapETi/executable'
Aug 31 12:02:40 plesk3 greylisting filter[8975]: Starting greylisting filter...
Aug 31 12:02:40 plesk3 greylisting filter[8975]: list type: black, from: lvps212-241-217-184.vps.webfusion.co.uk, match string: .*[0-9][0-9][0-9]-[0-9][0-9][0-9]-[0-9][0-9][0-9].*
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: handlers_stderr: REJECT
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: call_handlers: REJECT during call '/usr/local/psa/handlers/info/05-grey-zapETi/executable' handler
Aug 31 12:02:40 plesk3 qmail-queue-handlers[8974]: call_handlers: stop call handlers from dir '/usr/local/psa/handlers/before-queue/global'
Aug 31 12:02:40 plesk3 X-Qmail-Scanner-2.08st: [plesk3.emailitis.co.uk13147885597988960] mail server permanently rejected message. (#5.3.0) -
Aug 31 12:02:40 plesk3 X-Qmail-Scanner-2.08st: [plesk3.emailitis.co.uk13147885597988960] mail server permanently rejected message. (#5.3.0) - Illegal seek

Many thanks, as ever, in advance for any assistance.

Posted: **Mon Sep 05, 2011 12:17 pm**

You just need to whitelist it.

As far as I can tell, this comes from the Plesk greylist facility. You can add a domain (or more p[robably rDNS of sending IP) to the whitelist, or remove a rule from the backlist.

Personally I would not accept emails from a server with a generic rDNS like the one that's trying to send email to you, so I'd leve the blacklist rule in place and just whitelist the sender.

See also http://forum.parallels.com/pda/index.php/t-108383.html

Faris.

Posted: **Fri Sep 23, 2011 11:53 am**

faris,

Thank you for your response, and I agree totally about not removing the whole rule. The whitelisting in /etc/mail/spamassassin/local.cf does appear to have worked (I was worried it might not as I thought that Spamassassin and Greylisting would be done separately, but whitelisting it does appear to make the greylisting ignore it).

The link I think was more for Plesk 9 because our server says

[root@plesk3 ~]# /opt/psa/bin/grey_listing -i
-bash: /opt/psa/bin/grey_listing: No such file or directory
[root@plesk3 ~]#

and the 2 forums we found on parallels were specific to plesk 9. We have Plesk 10.0.2 and the steps for Plesk 9 are not applicable on Plesk 10. There is nothing standing out of the screen telling us how we can comment out this rule!

Posted: **Fri Sep 23, 2011 12:14 pm**

Unfortunately I'm not running 10.x on any of our systems at the moment so I can't help with this one.

Please can someone else reading this help out with the location of the greylist configuration in Plesk 10?

Posted: **Fri Sep 23, 2011 12:23 pm**

faris,

You are so sensible not running Plesk 10. We made the mistake of upgrading early this year - I thought that 8 months was sufficient to get it stable. But the basic business model on Plesk 10 is so different to all the previous models. After many months, we are getting more used to it and once you grasp their thinking (takes some work, that!) there are bits which are good. I guess starting with Plesk 10 never having had anything previously would be so much easier than the pain we had to go through.
When I can find the will to do it, we should really upgrade to Plesk 10.3 which is now out.
I think of Plesk 10 as their equivalent to Windows Vista! Let's hope Plesk 11 is not too far away and much better!

Posted: **Fri Sep 23, 2011 6:24 pm**

I think of Plesk 10 as their equivalent to Windows Vista! Let's hope Plesk 11 is not too far away and much better!

I always throught of 9 as Vista and was hoping 10 was going to be W7. No such luck. 10.3.x seems rather good though (I test the releases, but as yet have not put them into production, and delete to save disk space if I don't use them for further testing, hence no 10.x to play with right now).

But there have been some changes at Parallels and things are heading in the right direction.

If you want to look forward to a real horror, take a look at the new UI Microsoft is going to try to make us use in W8! But I digress....

Posted: **Wed Oct 05, 2011 5:54 am**

The domain in question was whitelisted in the spam assasin config file... however, not in plesk panel. Will this make a difference do you think?

Posted: **Wed Oct 05, 2011 9:00 am**

Are we still on the same topic?

Yes, it sould make a big difference. Greylisting/rDNS check stuff takes place before anything gets anywhere near SpamAssassin.

Same applies to SpamDyke.

Posted: **Wed Oct 05, 2011 9:16 am**

Thanks faris! Yes it's still the same issue. I'm quite new to all the server stuff myself... so just trying to get my head round a lot of these issues we have.

I think I read coolemails post and saw about the spamassassin... so thought I would delve in to the world of the "plesk control panel". Nothing had been white listed on there as far as I could see. So hopefully that will work now. As is came up in the mail logs as being on the white list for spamdyke... but as you say, plesk greylisting comes before.

A bit off topic.. so with spamdyke, even plesk comes before that?

Posted: **Wed Oct 05, 2011 10:43 am**

You would not mix Plesk's greylisting stuff with spamdyke. Both do the same thing (spamdyke has much more). I'm not sure they would work together.

Atomicorp

Greylisting Rejection - explanation please

Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please

Re: Greylisting Rejection - explanation please