811882 – mail-filter/postgrey: whitelist goes too far

Bug 811882 - mail-filter/postgrey: whitelist goes too far

Summary: mail-filter/postgrey: whitelist goes too far

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Sam James

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-09-06 18:58 UTC by armin
Modified:	2023-01-26 01:16 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description armin 2021-09-06 18:58:55 UTC

after updating to postgrey-1.37_p20190625-r1 (from 1.34) i got so much spam.

there are many ip addresses in the list and they are not all kosher.

i reverted to the whitelist of 1.34 + my local additions. everything is fine now.

just because it's an outlook/microsoft ip range does not make it safe for spam!

Comment 1 Sam James archtester

2021-09-06 19:43:48 UTC

Well, the problem is, greylisting isn't perfect. In general, delaying everything from Outlook/MS isn't really going to help, right?

Is this spam coming from *Azure*? If it's from Outlook itself, I really don't think we can do much (just report it to them). If it's from Azure or other IPs (i.e. not through Outlook), we can fix the range, sure.

Comment 2 Larry the Git Cow gentoo-dev

2021-09-07 01:36:30 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba40a9889cc83e116731557e5897df254af4f5cc

commit ba40a9889cc83e116731557e5897df254af4f5cc
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-09-07 01:31:18 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-09-07 01:36:14 +0000

    mail-filter/postgrey: restore 1.37 (modernised)
    
    This reverts commit 5db5e8fbdb8ca48a9f5a545ef43dce4e036526b7.
    Contains a different form of the whitelist which may be useful
    for some people. No real rush to cleanup.
    
    Bug: https://bugs.gentoo.org/811882
    Signed-off-by: Sam James <sam@gentoo.org>

 mail-filter/postgrey/Manifest             |  1 +
 mail-filter/postgrey/postgrey-1.37.ebuild | 74 +++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+)

Comment 3 armin 2021-09-08 08:20:18 UTC

Well grey listing is not perfect, but I am back a 0-1 spam email a day from 80 with the current whitelist. There are def. bad seeds on it.

Generally I am against IP ranges/addresses. If they don't resolve to useful hostnames the setup is generally flawed.

Comment 4 Sam James archtester

2021-09-17 02:58:46 UTC

(In reply to armin from comment #3)
> Well grey listing is not perfect, but I am back a 0-1 spam email a day from
> 80 with the current whitelist. There are def. bad seeds on it.
> 
> Generally I am against IP ranges/addresses. If they don't resolve to useful
> hostnames the setup is generally flawed.

Sure, I understand, but the whitelist exists for a reason -- to avoid delaying stuff unnecessarily. It'd help to know some of the precise ranges which were sending you spam, ideally with headers. You can send it to me privately if you wish.

Comment 5 Sam James archtester

2023-01-26 01:16:33 UTC

Please report your issues at https://github.com/schweikert/postgrey/issues and link the bug here.