Koozali.org formerly Contribs.org

qpsmtpd dnsbl plugin exception

qpsmtpd dnsbl plugin exception
« on: May 22, 2013, 01:41:31 PM »
Hello all,
is it possible to have an exception for a trusted ip-address so that dnsbl allows it even if it is listed in a RBL list?

Offline mmccarn

  • *
  • 2,499
Re: qpsmtpd dnsbl plugin exception
« Reply #1 on: May 23, 2013, 02:12:14 PM »
According to perldoc /usr/share/qpsmtpd/plugins/dnsbl there is a config file 'dnsbl_allow' that exempts IP addresses from dnsbl checks.

Looking at /etc/e-smith/templates/var/service/qpsmtpd/config/dnsbl_allow, it looks like this file only contains the local networks.

If I'm right, you can exempt an external IP as follows (replace 10.10.10.1 with the IP you want to allow):
Code: [Select]
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
echo '10.10.10.1' > 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Un-do with:
Code: [Select]
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
rm -f 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Re: qpsmtpd dnsbl plugin exception
« Reply #2 on: May 24, 2013, 08:33:11 AM »
According to perldoc /usr/share/qpsmtpd/plugins/dnsbl there is a config file 'dnsbl_allow' that exempts IP addresses from dnsbl checks.

Looking at /etc/e-smith/templates/var/service/qpsmtpd/config/dnsbl_allow, it looks like this file only contains the local networks.

If I'm right, you can exempt an external IP as follows (replace 10.10.10.1 with the IP you want to allow):
Code: [Select]
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
echo '10.10.10.1' > 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Un-do with:
Code: [Select]
cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/dnsbl_allow
rm -f 99CustomIPs
expand-template /var/service/qpsmtpd/config/dnsbl_allow
sv t qpsmtpd

Thank You very much!
I was almost shure it would not be possible! I have created the template and will follow up here how it works.