Koozali.org: home of the SME Server

qpsmtpd dnsbl plugin exception

Offline mikalof

  • *
  • 27
  • +0/-0
qpsmtpd dnsbl plugin exception
« on: May 22, 2013, 01:41:31 PM »
Hello all,
is it possible to have an exception for a trusted ip-address so that dnsbl allows it even if it is listed in a RBL list?

Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: qpsmtpd dnsbl plugin exception
« Reply #1 on: May 23, 2013, 02:12:14 PM »
According to perldoc /usr/share/qpsmtpd/plugins/dnsbl there is a config file 'dnsbl_allow' that exempts IP addresses from dnsbl checks.

Looking at /etc/e-smith/templates/var/service/qpsmtpd/config/dnsbl_allow, it looks like this file only contains the local networks.

If I'm right, you can exempt an external IP as follows (replace 10.10.10.1 with the IP you want to allow):
Code: [Select]
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
echo '10.10.10.1' > 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Un-do with:
Code: [Select]
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
rm -f 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Offline mikalof

  • *
  • 27
  • +0/-0
Re: qpsmtpd dnsbl plugin exception
« Reply #2 on: May 24, 2013, 08:33:11 AM »
According to perldoc /usr/share/qpsmtpd/plugins/dnsbl there is a config file 'dnsbl_allow' that exempts IP addresses from dnsbl checks.

Looking at /etc/e-smith/templates/var/service/qpsmtpd/config/dnsbl_allow, it looks like this file only contains the local networks.

If I'm right, you can exempt an external IP as follows (replace 10.10.10.1 with the IP you want to allow):
Code: [Select]
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
echo '10.10.10.1' > 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Un-do with:
Code: [Select]
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
rm -f 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Thank You very much!
I was almost shure it would not be possible! I have created the template and will follow up here how it works.