Results 1 to 5 of 5

Thread: Greylist with cbpolicyd does nothing?

  1. #1
    yogg is offline Intermediate Member
    Join Date
    Dec 2009
    Posts
    24
    Rep Power
    5

    Default Greylist with cbpolicyd does nothing?

    Hi

    My System:
    Release 8.0.3.GA.5664.UBUNTU12.64 UBUNTU12_64 FOSS edition.

    I activated "cbpolicyd" so I can use the greylist feature of zimbra.
    I used the wiki for this: Postfix Policyd - Zimbra :: Wiki

    And I added the greylist line to the db:
    Code:
    sqlite> select * from greylisting;
    1|3|Zimbra Greylisting percentage|1|300|SenderIP:/32|604800|86400|1|604800|100|95|1|604800|100|100|Retry in 300 Sek|0
    I also extendet the log, so I get mor infos:
    Code:
    zmlocalconfig -e cbpolicyd_log_detail="modules,tracking,policies,protocols"
    Greylist module is also enabled:
    Code:
    zimbra@my-zimbra01:/tmp$ zmlocalconfig | grep policyd
    cbpolicyd_bind_port = 10031
    cbpolicyd_bypass_mode = tempfail
    cbpolicyd_bypass_timeout = 30
    cbpolicyd_cache_file = ${zimbra_home}/data/cache
    cbpolicyd_db_file = ${zimbra_home}/data/cbpolicyd/db/cbpolicyd.sqlitedb
    cbpolicyd_log_detail = modules,tracking,policies,protocols
    cbpolicyd_log_file = ${zimbra_log_directory}/cbpolicyd.log
    cbpolicyd_log_level = 4
    cbpolicyd_log_mail = main
    cbpolicyd_module_accesscontrol = 1
    cbpolicyd_module_checkhelo = 1
    cbpolicyd_module_checkspf = 1
    cbpolicyd_module_greylisting = 1
    cbpolicyd_module_quotas = 1
    cbpolicyd_pid_file = ${zimbra_log_directory}/cbpolicyd.pid
    cbpolicyd_timeout = 120
    postfix_enable_smtpd_policyd = yes
    But when I now send an E-Mail from another mailserver to the zimbra server nothing happens.
    The mail gets through "cbpolicyd" without any problems.
    I can see that the mail gets processed by "cbpolicyd" in the "/opt/zimbra/log/cbpolicyd.log" file.
    Code:
    ...
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
    [2013/08/23-15:51:16 - 7478] [CBPOLICYD] DEBUG: Done with modules
    ...


    If I understand it right zimbra schould reject the mail the first time.
    And if the other mailserver sends the mail again after some time (300 seconds in my case) the mail gets trough the greylist and the server is moved into the "auto whitelist".

    But there are only my entrys in the lists. And that are only the the addresses of the local zimbra server (2 internal addresses and 1 external)
    The other mailserver is not listed.
    Code:
    sqlite> select * from greylisting_autowhitelist;
    
    sqlite> select * from greylisting_autoblacklist;
    
    sqlite> select * from greylisting_tracking;
    
    sqlite> select * from greylisting_whitelist;
    1|SenderIP:192.168.22.33|Whitelist mailbox|0
    2|SenderIP:192.168.21.33|Whitelist mailbox|0
    3|SenderIP:1.2.3.4|Whitelist mailbox|0

    Has someone an idea what I have done wrong?

  2. #2
    yogg is offline Intermediate Member
    Join Date
    Dec 2009
    Posts
    24
    Rep Power
    5

    Default

    Has nobody an idea?
    Is maybe my thinking about how the greylist should work wrong?
    Or I'm right that the frist mail from an unknown server should get rejected?

  3. #3
    alexebner is offline Active Member
    Join Date
    Dec 2009
    Posts
    47
    Rep Power
    5

    Default

    Same Problem here.
    Nothing works.
    Also no helo/ehlo checks are working.
    I think i am giving up with Zimbra and change to another collaberation tool because zimbra 8 is not so good as 7
    Last edited by alexebner; 08-26-2013 at 03:15 AM.

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,469
    Rep Power
    56

    Default

    Quote Originally Posted by alexebner View Post
    Same Problem here.
    Nothing works.
    Also no helo/ehlo checks are working.
    There's also not much information in your post about what you've enabled, how you've configured cbpolicyd (which instructions did you follow), what errors/messages are you seeing in the log files (have you increased logging?) nor even which version of ZCS you're using.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    alexebner is offline Active Member
    Join Date
    Dec 2009
    Posts
    47
    Rep Power
    5

    Default

    I am running 8.0.3.GA.5664.UBUNTU12.64 and have the same output and config as yogg.

    I have installed and configured all like the howto on How-to for cbpolicyd - Zimbra :: Wikicbpolicyd_bind_port = 10031


    cbpolicyd_bypass_mode = tempfail
    cbpolicyd_bypass_timeout = 30
    cbpolicyd_cache_file = ${zimbra_home}/data/cache
    cbpolicyd_db_file = ${zimbra_home}/data/cbpolicyd/db/cbpolicyd.sqlitedb
    cbpolicyd_log_detail = modules,tracking,policies
    cbpolicyd_log_file = ${zimbra_log_directory}/cbpolicyd.log
    cbpolicyd_log_level = 4
    cbpolicyd_log_mail = main
    cbpolicyd_module_accesscontrol = 1
    cbpolicyd_module_checkhelo = 1
    cbpolicyd_module_checkspf = 1
    cbpolicyd_module_greylisting = 1
    cbpolicyd_module_quotas = 1
    cbpolicyd_pid_file = ${zimbra_log_directory}/cbpolicyd.pid
    cbpolicyd_timeout = 120
    postfix_enable_smtpd_policyd = yes

    cbpolicyd.log


    [2013/08/26-12:21:59 - 11923] [TRACKING] DEBUG: Request translated into session data: $VAR1 = {
    'Recipient' => '********@****.**',
    'SASLUsername' => '',
    'QueueID' => '',
    '_PeerAddress' => bless( {
    'raw_ip' => '127.0.0.1',
    'ip' => '127.0.0.1',
    'ip_version' => 4,
    'cidr' => 32
    }, 'awitpt::netip' ),
    'RecipientData' => '/<********@****.**>#0=1,1,1;',
    'EncryptionCipher' => '',
    'Instance' => '4c49.521b2c47.b780c.0',
    'Size' => 0,
    'EncryptionKeySize' => '0',
    'UnixTimestamp' => 1377512519,
    'ProtocolTransport' => 'Postfix',
    'PeerAddress' => '127.0.0.1',
    'EncryptionProtocol' => '',
    'Helo' => '********',
    'ClientAddress' => '127.0.0.1',
    'ClientName' => 'localhost',
    'Sender' => '********@****.**',
    'SASLSender' => '',
    '_ClientAddress' => bless( {
    'raw_ip' => '127.0.0.1',
    'ip' => '127.0.0.1',
    'ip_version' => 4,
    'cidr' => 32
    }, 'awitpt::netip' ),
    'ProtocolState' => 'RCPT',
    'Policy' => {
    '0' => [
    1,
    1,
    1
    ]
    },
    'Protocol' => 'ESMTP',
    'ClientReverseName' => 'localhost',
    'SASLMethod' => ''
    };
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] INFO: Got request #2 (pipelined)
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Done with modules
    [2013/08/26-12:21:59 - 11923] [TRACKING] DEBUG: Protocol state is 'END-OF-MESSAGE', decoding policy...
    [2013/08/26-12:21:59 - 11923] [TRACKING] DEBUG: Decoded into: $VAR1 = {
    '********@****.**' => {
    '0' => [
    '1',
    '1',
    '1'
    ]
    },
    '********@****.**' => {
    '0' => [
    '1',
    '1',
    '1'
    ]
    }
    };
    cbpolicyd[2013/08/26-12:21:59 - 11923] [TRACKING] DEBUG: Request translated into session data: $VAR1 = {
    'SASLUsername' => '',
    'QueueID' => 'C351C2E34FA',
    '_PeerAddress' => bless( {
    'raw_ip' => '127.0.0.1',
    'ip' => '127.0.0.1',
    'ip_version' => 4,
    'cidr' => 32
    }, 'awitpt::netip' ),
    'RecipientData' => '/<********@****.**>#0=1,1,1;/<********@****.**t>#0=1,1,1;',
    'EncryptionCipher' => '',
    'Instance' => '4c49.521b2c47.b780c.0',
    'Size' => '1393',
    'EncryptionKeySize' => '0',
    'UnixTimestamp' => 1377512519,
    'ProtocolTransport' => 'Postfix',
    'PeerAddress' => '127.0.0.1',
    'EncryptionProtocol' => '',
    'Helo' => '****************',
    'ClientAddress' => '127.0.0.1',
    'ClientName' => 'localhost',
    'Sender' => '********@****.**',
    'SASLSender' => '',
    '_ClientAddress' => bless( {
    'raw_ip' => '127.0.0.1',
    'ip' => '127.0.0.1',
    'ip_version' => 4,
    'cidr' => 32
    }, 'awitpt::netip' ),
    'ProtocolState' => 'END-OF-MESSAGE',
    '_Recipient_To_Policy' => {
    '********@****.**' => {
    '0' => [
    '1',
    '1',
    '1'
    ]
    },
    ********@****.**' => {
    '0' => [
    '1',
    '1',
    '1'
    ]
    }
    },
    'Protocol' => 'ESMTP',
    'ClientReverseName' => 'localhost',
    'SASLMethod' => ''
    };
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] INFO: Got request #3 (pipelined)
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
    [2013/08/26-12:21:59 - 11923] [CBPOLICYD] DEBUG: Done with modules
    Last edited by alexebner; 08-26-2013 at 03:29 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Cbpolicyd not greylisting
    By plastilin in forum Administrators
    Replies: 13
    Last Post: 06-24-2013, 07:26 PM
  2. cbpolicyd
    By thesubmitter in forum Administrators
    Replies: 3
    Last Post: 06-12-2013, 01:35 PM
  3. cbpolicyd
    By uxbod in forum Administrators
    Replies: 4
    Last Post: 04-20-2013, 06:42 PM
  4. cbpolicyd on zimbra 8
    By thesubmitter in forum Installation
    Replies: 0
    Last Post: 11-09-2012, 03:58 PM
  5. How to enable greylist in Zimbra 7.1?
    By samuelhigh in forum Administrators
    Replies: 1
    Last Post: 03-26-2012, 10:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •