Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » whitelisting
  •  
oscar_alfonso

Messages: 15
Karma: 0
Send a private message to this user
Hello there, houston, we have a problem! haha.

The problem is a customer that is trying to send me mails but our server is rejecting them. The reason is because I'm using a public blacklist (SORBS DNSBL) and his ips (yes, his ips in plural, not singular) are in that list. That list works fine for me and I don't want to stop using it.

I'm trying to whitelist him, but is very difficult by ip because he is using a proxy service arranged with Symantec that does every time has a different server ip address.

I tried to configurate the custom rules to whitelist the domain of my customer, but they not override the public blacklisting... only the ip whitelisting overrides the public blacklisting. Confused

I've seen the headers of my customer's mails... and there is always a common line:
X-Originating-IP: [195.235.11.171]

That is the real ip of his mailserver. That ip is not included in SORBS DNSBL. Can kerio mailserver detect it and whitelist every mail with that on its header?

I'm using Kerio Mailserver 6.4.0-3364

Thank you in advance and kind regards.
  •  
BudDurland

Messages: 348

Karma: 10
Send a private message to this user
Are you using the IP blacklist to block? If so, instead set it to add something to the spam score that guarantees it will catch -- 8.0 or 9.0 points, enough to make the system delete the message based on the Spam Assassin score alone. Then, in your spam settings, configure the sender's domain to over-ride the SpamAssasin score and treat the message as non-spam.

Good is better than evil because it's nicer
--Mammy Yokum
  •  
oscar_alfonso

Messages: 15
Karma: 0
Send a private message to this user
nice... i'll try it. Thank you so much. Razz
  •  
freakinvibe

Messages: 1529
Karma: 60
Send a private message to this user
As a general advice, don't use SORBS to block your mails. Just add a score. SORBS has too many false positives. Have you tried the Spamhaus blacklist? It catches much more for me and is more reliable.

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
  •  
oregonbob

Messages: 18
Karma: 0
Send a private message to this user
I had difficulty with DNSBL too. It was marking emails as SPAM almost randomly. I noticed that if one includes an email address in a custom rule to ALLOW it will be IGNORED if they show up in a blacklist. This seems like nonsense. Why even offer the ability to whitelist if it is ignored by blacklists?

A whitelist should override blacklists. It seems Kerio has this backwards.

[Updated on: Fri, 24 June 2011 23:27]

  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
Having an email address whitelist override an IP blacklist is nonsensical (Envelope-from and From: is easy to falsify) and in some scenarios also impossible to do. The better solution is to use Kerio's IP whitelist (you know where it is, right?) together with SpamAssassin's whitelist_from_rcvd keyword.
  •  
oscar_alfonso

Messages: 15
Karma: 0
Send a private message to this user
yeah BudDurland, it worked for me. Thank you so much!!

[Updated on: Mon, 27 June 2011 09:07]

Previous Topic: KERIO CONNECT ACTIVE DIRECTORY PROBLEMS
Next Topic: Alias column in Administration Panel
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Sep 23 18:25:58 CEST 2017

Total time taken to generate the page: 0.00490 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.