Configuring whitelist/blacklist in iRedMail

Discourse
1

In iRedMail, blacklists and whitelists are controlled by the amavisd_wblist plugin (/opt/iredapd/plugins/amavisd_wblist.py). The plugin itself can be managed using the wblist_admin.py script (/opt/iredapd/tools/wblist_admin.py).

Address Formats

Permissible address formats for white and black lists:

  • user@domain.com - one user.
  • @domain.com / @sub.domain.com - one domain.
  • @.domain.com - a domain and all its subdomains.
  • @. - any domain.
  • @.com / @.org / @.info - top-level domain.
  • 192.168.1.2 - one IP address.
  • 192.168.1.0/24 - CIDR network.

Examples for the whitelist

  • Show entries from the whitelist:
python3 '/opt/iredapd/tools/wblist_admin.py' --list --whitelist
  • Add an IP address, email, domain, and subdomain to the whitelist:
python3 '/opt/iredapd/tools/wblist_admin.py' --add --whitelist '192.168.1.10' 'user@domain.com' '@iredmail.org' '@.example.org'
  • Delete an IP address, email, domain, and subdomain from the whitelist:
python3 '/opt/iredapd/tools/wblist_admin.py' --delete --whitelist '192.168.1.10' 'user@domain.com' '@iredmail.org' '@.example.org'
  • Create a whitelist for the local mail domain @domain.com and add an IP address 192.168.1.10 and email user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@domain.com' --add --whitelist '192.168.1.10' 'user@example.org'
  • Create a whitelist for the local mail domain @domain.com and all its subdomains, and add an IP address 192.168.1.10 and email user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@.domain.com' --add --whitelist '192.168.1.10' 'user@example.org'
  • Create a whitelist for the local user user@domain.com and add an IP address 192.168.1.10 and email user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account 'user@domain.com' --add --whitelist '192.168.1.10' 'user@example.org'
  • Show entries from the whitelist for the local mail domain @domain.com:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@domain.com' --list --whitelist
  • Show entries from the whitelist for the local user user@domain.com:
python3 '/opt/iredapd/tools/wblist_admin.py' --account 'user@domain.com' --list --whitelist

Examples for the blacklist

  • Show entries from the blacklist:
python3 '/opt/iredapd/tools/wblist_admin.py' --list --blacklist
  • Add an IP address, email, domain, and subdomain to the blacklist:
python3 '/opt/iredapd/tools/wblist_admin.py' --add --blacklist '202.96.134.133' 'bad-user@domain.com' '@bad-domain.com' '@.sub-domain.com'
  • Add a sender (sender) to the blacklist:
python3 '/opt/iredapd/tools/wblist_admin.py' --add --blacklist 'sender@*'
  • Delete an IP address, email, domain, and subdomain from the blacklist:
python3 '/opt/iredapd/tools/wblist_admin.py' --delete --blacklist '202.96.134.133' 'bad-user@domain.com' '@bad-domain.com' '@.sub-domain.com'
  • Create a blacklist for the local mail domain @domain.com and add an IP address 172.16.1.10 and email bad-user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@domain.com' --add --blacklist '172.16.1.10' 'bad-user@example.org'
  • Create a blacklist for the local mail domain @domain.com and all its subdomains, and add an IP address 172.16.1.10 and email bad-user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@.domain.com' --add --blacklist '172.16.1.10' 'bad-user@example.org'
  • Create a blacklist for the local user user@domain.com and add an IP address 172.16.1.10 and email bad-user@example.org to it:
python3 '/opt/iredapd/tools/wblist_admin.py' --account 'user@domain.com' --add --blacklist '172.16.1.10' 'bad-user@example.org'
  • Show entries from the blacklist for the local mail domain @domain.com:
python3 '/opt/iredapd/tools/wblist_admin.py' --account '@domain.com' --list --blacklist
  • Show entries from the blacklist for the local user user@domain.com:
python3 '/opt/iredapd/tools/wblist_admin.py' --account 'user@domain.com' --list --blacklist

Graylisting

The greylisting plugin (/opt/iredapd/plugins/greylisting.py) is responsible for graylisting. This plugin can be managed using the greylisting_admin.py script (/opt/iredapd/tools/greylisting_admin.py).

Examples for Graylisting

  • Disable global graylisting:
python3 '/opt/iredapd/tools/greylisting_admin.py' --disable --from '@.'
  • Show all graylisting settings:
python3 '/opt/iredapd/tools/greylisting_admin.py' --list
  • Show all sender domain names from the whitelist:
python3 '/opt/iredapd/tools/greylisting_admin.py' --list-whitelist-domains
  • Show all sender addresses from the whitelist:
python3 '/opt/iredapd/tools/greylisting_admin.py' --list-whitelists
  • Add sender domain @example.org to the whitelist:
python3 '/opt/iredapd/tools/greylisting_admin.py' --whitelist-domain --from '@example.org'
  • Remove sender domain @example.org from the whitelist:
python3 '/opt/iredapd/tools/greylisting_admin.py' --remove-whitelist-domain --from '@example.org'
  • Enable graylisting for the local mail domain @example.org:
python3 '/opt/iredapd/tools/greylisting_admin.py' --enable --to '@example.org'
  • Disable graylisting for the local user user@example.org:
python3 '/opt/iredapd/tools/greylisting_admin.py' --disable --to 'user@example.org'
  • Disable graylisting for emails sent from domain @gmail.com to local user user@example.org:
python3 '/opt/iredapd/tools/greylisting_admin.py' --disable --from '@gmail.com' --to 'user@example.org'
  • Disable graylisting for emails sent from IP address 45.56.127.226:
python3 '/opt/iredapd/tools/greylisting_admin.py' --disable --from '45.56.127.226'
  • Delete graylisting settings for the local domain @test.com:
python3 '/opt/iredapd/tools/greylisting_admin.py' --delete --to '@test.com'

Source