• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved Emails not being blocked by server wide mail settings/blacklist

G

gregconway

Basic Pleskian
Username:

TITLE

Emails not being blocked by server wide mail settings/blacklist

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian Version 18.0.63 Update #4, last updated on Sept 3, 2024 04:59 PM
AlmaLinux 8.10
Intel x64

PROBLEM DESCRIPTION

Further to the article here -

Issue - Server-wide email blacklist not working correctly

I've added several entries to Tools & Settings -> Mail Server Settings -> Black list, but I am still receiving mail from some of these domains. I know that mail "from" header can be spoofed but my understanding was that this black list tool did not care about authenticity and should block mail...
talk.plesk.com talk.plesk.com

I would like to submit a bug report as some emails are not being blocked by server-wide mail settings

Most Domains I add to the blacklist are blocked but a couple get through.

I don't want to post the specifics here as I assume it will appear in the public forum, but I am happy to provide mail headers for emails that get through the blacklist.

STEPS TO REPRODUCE

Add a domain to server wide mail-settings / blacklist
Wait for a spammer to send an email from a blacklisted Domain

ACTUAL RESULT

The email from the blacklisted Domain is still delivered

EXPECTED RESULT

I would expect the email from the blacklisted Domain to not be delivered

ANY ADDITIONAL INFORMATION

The expectations list below does not include "fix the bug" but that would be my expected resolution.

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Allow me to clarify the black list feature, as this feature is often misunderstood by users because it's unclear what it does exactly.

The black list feature blocks email messages based on the envelope sender (also known as the return-path in the email headers). The envelope sender can be different from the FROM address of an email. Unfortunately this distinction isn't indicated on the black list page in Plesk, nor is it mentioned on the Plesk Documentation. Causing some confusion among users (as is evident from the forum thread you linked to for example).

As far as I know the the black list technically functions as expected (but without knowing your exact server setup it's hard to say if that's the case for you too). So this isn't a bug in a technical sense. Rather it seems that users have different expectations, as the it's unclear who this black list blocks emails emails. It seems many users expect the black list to block emails based on the FROM header.

@Sebahat.hadzhi maybe the feature (and documentation too) can be improved by clarifying the black list blocks email messages based on the envelope sender rather than on the FROM header. I suspect that this would avoid much confusion for many users :)
 
@gregconway our team reviewed the matter and as mentioned by @Kaspar they confirmed that they see no other reason apart from the envelope sender address differing from the "FROM" address for those emails to be passed and that doesn't qualify as a Plesk bug. A possible workaround they suggested is enabling the greylisting feature, which can be configured in "Tools & Settings" -> "Spam Filter":

  1. Enable "Switch on server-wide greylisting spam protection"
  2. "Black list" -> "Add Address"

@Kaspar thank you for bringing the lack of comprehensiveness of the documentation to our attention. Our team will update it so we can avoid confusion for other users.
 
Hi Sebahat,

Thanks for looking at this.

I will say first off that we tried using greylisting a while back, but due to the way it works (delaying email delivery) we were forced to disable it almost immediately by angry clients who weren't prepared to wait for the second retry before they received their emails! So unfortunately greylisting is not an option for us.

You mention an option 2 "Black list" -> "Add Address" -
This is exactly what I am trying (assuming you mean blacklist from server-wide mail settings), and for most emails it seems very effective.
However, as I have reported to you, some emails do still make it through the blacklist.

And whilst I very much appreciate both your responses, and I understand what you are saying - that it will only blacklist based on the envelope sender and not the FROM header - my question is why is that the case?

When I add emails to the blacklist it is just that - a domain blacklist. Not a domain blacklist for emails where the from address matches the envelope address!

Would it not make more sense that the blacklist blocks all emails regardless of whether the envelope is different to the from address?

The problem as it stands is that it's not an effective solution because it still lets some emails through.

Is it possible to tweak a config file to achieve what I am looking for, or at worst case where should I report this for considering this as a future development request?

Thanks,

Greg.
 
You must log in or register to reply here.

Similar threads

J
Resolved DOMAIN ALIAS - Emails not being forwarded
Replies
1
Views
182
Sebahat.hadzhi
Sebahat.hadzhi
D
Resolved How to Blacklist emails from address that does not end with .com
Replies
5
Views
941
gusentic
G
K
Question Email Blacklist everything but one Domain?
Replies
7
Views
673
Peter Debik
P
T
Migrator doesn't adjust DNS properly (certain conditions)
Replies
6
Views
760
TomBoB
T
nethubonline
Resolved Wrong Email From address if Email From display name contains "<>" and forwarded by Plesk
Replies
3
Views
727
Kaspar@Plesk
Kaspar@Plesk
Back
Top