Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued
« previous next »
Pages: [1]   Go Down

qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued

  • 3 Replies
  • 1927 Views

Offline frifri

  • *
  • 108
  • +0/-0
qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued
« on: November 07, 2016, 11:04:55 AM »
Hi,

Using qpsmtpd 0.96 :

Code: [Select]
[root@sme ~]# config show qpsmtpd
qpsmtpd=service
    BadCountries=
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DKIMSigning=enabled
    DMARCReject=enabled
    DMARCReporting=enabled
    DNSBL=enabled
    GeoIP=enabled
    HeloPolicy=lenient
    Karma=enabled
    KarmaNegative=2
    KarmaStrikes=3
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=zen.spamhaus.org
    RHSBL=enabled
    RelayRequiresAuth=enabled
    SBLList=multi.surbl.org:rhsbl.sorbs.net
    SPFRejectPolicy=0
    TlsBeforeAuth=1
    UBLList=multi.surbl.org:8-16-64-128,black.uribl.com,rhsbl.sorbs.net
    URIBL=enabled
    access=public
    qplogsumm=disabled
    status=enabled

Messages are denied even when the domain is not prepared for false failures (mechanism '~all' matched) :

Code: [Select]
2016-11-07 10:47:05.701816500 12369 dispatching EHLO newton.telenet-ops.be
2016-11-07 10:47:05.702651500 12369 (ehlo) helo: pass
2016-11-07 10:47:05.703167500 12369 250-pollet-ghys.be Hi newton.telenet-ops.be [195.130.132.45]
2016-11-07 10:47:05.703199500 12369 250-PIPELINING
2016-11-07 10:47:05.703217500 12369 250-8BITMIME
2016-11-07 10:47:05.703236500 12369 250-SIZE 150000000
2016-11-07 10:47:05.703253500 12369 250 STARTTLS
2016-11-07 10:47:05.715791500 12369 dispatching STARTTLS
2016-11-07 10:47:05.715878500 12369 220 Go ahead with TLS
2016-11-07 10:47:05.826969500 12369 (unrecognized_command) tls: TLS setup returning
2016-11-07 10:47:05.839111500 12369 dispatching EHLO newton.telenet-ops.be
2016-11-07 10:47:05.839496500 12369 (ehlo) helo: pass
2016-11-07 10:47:05.839754500 12369 250-pollet-ghys.be Hi newton.telenet-ops.be [195.130.132.45]
2016-11-07 10:47:05.839781500 12369 250-PIPELINING
2016-11-07 10:47:05.839799500 12369 250-8BITMIME
2016-11-07 10:47:05.839817500 12369 250-SIZE 150000000
2016-11-07 10:47:05.839835500 12369 250 AUTH PLAIN LOGIN
2016-11-07 10:47:05.854070500 12369 dispatching MAIL FROM:<******@di-stefano.be> SIZE=3428
2016-11-07 10:47:05.859776500 12369 (mail) resolvable_fromhost: pass, di-stefano.be has MX at mail.di-stefano.be
2016-11-07 10:47:05.861024500 12369 (mail) rhsbl: query failed:  NOERROR
2016-11-07 10:47:05.861058500 12369 (mail) rhsbl: pass
2016-11-07 10:47:05.893034500 12369 (mail) sender_permitted_from: karma -1 (-1)
2016-11-07 10:47:05.893077500 12369 (mail) sender_permitted_from: fail, tolerated, soft, di-stefano.be: Sender is not authorized by default to use 'info@di-stefano.be' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)
2016-11-07 10:47:05.893163500 12369 (mail) naughty: pass
2016-11-07 10:47:05.899777500 12369 (mail) sender_permitted_from: karma -1 (-2)
2016-11-07 10:47:05.899819500 12369 (mail) sender_permitted_from: fail, soft, di-stefano.be: Sender is not authorized by default to use 'info@di-stefano.be' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)
2016-11-07 10:47:05.900042500 12369 (deny) logging::logterse: ` 195.130.132.45 newton.telenet-ops.be newton.telenet-ops.be sender_permitted_from 902 SPF - fail: di-stefano.be: Sender is not authorized by default to use '******@di-stefano.be' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched) msg denied before queued
2016-11-07 10:47:05.900122500 12369 denysoft mail from <*******@di-stefano.be> (SPF - fail: di-stefano.be: Sender is not authorized by default to use 'info@di-stefano.be' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched))
2016-11-07 10:47:05.900158500 12369 450 SPF - fail: di-stefano.be: Sender is not authorized by default to use '*******@di-stefano.be' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)
2016-11-07 10:47:05.900459500 12369 dispatching RCPT TO:<******@fiftyonetielt.be>
2016-11-07 10:47:05.900605500 12369 503 Use MAIL before RCPT
2016-11-07 10:47:05.900805500 12369 dispatching DATA
2016-11-07 10:47:05.901122500 12369 503 MAIL first
2016-11-07 10:47:05.966208500 12369 dispatching RSET
2016-11-07 10:47:05.966336500 12369 250 OK
2016-11-07 10:47:05.966555500 12369 dispatching QUIT
2016-11-07 10:47:05.966708500 12369 221 pollet-ghys.be closing connection. Have a wonderful day.

Is this a bug or is there a good reason why the message is denied even when the sending-domain is not set to deny the message ?

F.
Logged

Offline Daniel B.

  • *
  • 1,700
  • +0/-0
    • Firewall Services, la sécurité des réseaux
Re: qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued
« Reply #1 on: November 07, 2016, 11:22:02 AM »
You should open a bug
Logged
C'est la fin du monde !!! :lol:

Offline frifri

  • *
  • 108
  • +0/-0
Re: qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued
« Reply #2 on: November 07, 2016, 11:29:07 AM »
Logged

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued
« Reply #3 on: November 14, 2016, 03:56:35 PM »
Quote from: frifri on November 07, 2016, 11:29:07 AM
Done : https://bugs.contribs.org/show_bug.cgi?id=9871

And the bug has been closed NOTABUG. The adverse behaviour was caused by a custom template.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: qpsmtpd 0.96 - mechanism '~all' matched, AND msg denied before queued