Topic: Need require_resolvable_fromhost working on sme server 8.0

[madtoy]

Currently I installed version 8.0 in server-only mode with its updates and the plugin does not work.

If I try to send an email from the outside with a sender address nonexistent domain the mail is delivered correctly and not blocked.
In log file (qpsmtpd/current) i haven't never entry match for that plugin.
Do I need to install some addon or contribs or change some settings for enable it?

I tried looking on the website but I found no valid references to find out if the plugin  require_resolvable_fromhost works or not in the 8.0 version.

now my network configuration il wih a firewall --> dmz --> Sme Server (private ip with nat on external IP).

Need Help, thanks

[Stefano]

please, post the output of

Code: [Select]

config show qpsmtpd


[larieu]

as written here

http://wiki.contribs.org/Email

that plugin is ON if the server is in "server-and-gateway mode"  for the WAN (remote)
for LAN - is disabled

as log long your server is in "server-only mode" I expect to be dis-activated

as simple workaround - use another interface (ethernet) which you'll never connect
or I think I've seen something about an "dummy" interface on forum

[janet]

madtoy

Following on from larieu's advice, you can reconfigure the server into gateway & server mode (with 2 NIC's), but select static IP (rather than dedicated or other settings), and enter the local IP of your router, effectively making a dmz, but with the advantages of server gateway mode, including having that plugin ON.

[madtoy]

Hi stefano, here is my qpsmtpd config.

Code: [Select]

qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=zen.spamhaus.org:dnsbl.sorbs.net
    RHSBL=enabled
    RelayRequiresAuth=disabled
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org
    TlsBeforeAuth=1
    access=public
    qplogsumm=disabled
    status=enabled


Others say to rebuit the server in "server-and-gateway mode"  with workaround but is not a clean solution.

I'd like another solution, thanks

[Stefano]

you should follow mary's advice, IMHO

[janet]

madtoy

Others say to rebuit the server in "server-and-gateway mode"  with workaround but is not a clean solution.
I'd like another solution, thanks

What is not clean about it. It's not a workaround, it's a standard operating mode that is a part of SME server core design, and is the way that some professional SME support personnel install SME servers (for an added security layer). You do not need to rebuild the server, just Reconfigure it using the console admin menu, and of course physically add a second NIC if not already built in.

[madtoy]

Hi Mary, thank for your post and for the solutions.
Now i make that configuration and after post the result here. thanks at all

[mmccarn]

For what it's worth -

I have a couple SME boxes in 'server-only' mode running as SPAM filters.

I find that 'require_resolvable_fromhost' is configured and enabled on my SME8 'server-only' box, and frequently returns
...require_resolvable_fromhost plugin (mail): <####> query for <various.domains> failed:  query timed out

but processing of the associated message continues.

However, in every case the email was ultimately denied due to an RBL listing at spamhaus.

Of course, a test generated from a non-spamming off-site system would not be blocked by DNSBL.

[edit]
My SME 7.6 spam filter, on the other hand, denies email if require_resolvable_fromhost times out:
... 18148 require_resolvable_fromhost plugin (mail): 18148 query for highchase.com failed:  query timed out
... 18148 logging::logterse plugin (deny): ` 67.212.180.177   server1.chibears8171.com    smtp.highchase.com                      require_resolvable_fromhost     902     Could not resolve highchase.com (#4.4.3)    msg denied before queued

[madtoy]

Hi, we are back for the result about require_resolvable_fromhost in gateway mode.

So, we have switch the sme server 8.0 from server-only to gateway mode for tray to solve plugin resolvable_fromhost.

the plugin still does not work!

Here the tests we have done:

1. send from an outside server an email with a real email send address.
In log file in 3/4 seconds the mail arrived, checked and queued.
oll is ok

now 2. send from an outside server an email with a no existing domain (for exemple info@noexistingdomain.org) the mail arrived, cheked
now log stop for about 50 seconds and after said:  require_resolvable_fromhost plugin (mail): 6210 query for glgmc.org failed:  SERVFAIL
after mail go on, processed and queued correctly for local user!
so the plugin is working but not for STOP email from resolvable host!

The same senario is for server-only... the same.

We supose that the plugin don't work or it work for check the sender but in case the domain don't exist (WITH THE PROBLEM TO WAIT 50 SECONDS for timeout process dns query) dont stop the mail with rejet but the mail always queued.

Is a bug or other?, please some one solve the plugin or there is a solution or for disable it or to make work correctly.
tks for all possible solution, bye

[janet]

madtoy

Your experience seems to be confirmed by an earlier poster, therefore you should lodge a bug report.

[CharlieBrady]

Your experience seems to be confirmed by an earlier poster, therefore you should lodge a bug report.

The bug report should be lodged any time something which should work does not work. No need to wait for another poster to report a similar problem.

[madtoy]

I do not understand what you mean. I have to open a bug report or not?
The problem is already known and is already taking action to the solution?

tks

[janet]

madtoy

Yes please do lodge a bug report so that the issue can be properly assessed and fixed if necessary.