• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Mail: DNSBL before AUTH after update to 10.1

M

MarcoJ

New Pleskian
Hi,

i've upgraded from Plesk 10.0.1 to 10.1 and i've noticed problems in using my server as a smarthost for my local mailserver. Checking the SMTP communication, i've seen that Plesk now processes the DNSBL list first, discarding the connection request from my IP.

Normally (and the behaviour before 10.1) there should be the chance to do SMTP auth before cancelling a connection due to DNSBL matches.

Has anybody a hotfix for this (I'm using the standard qmail for SMTP)? Also a parallels employee may read this and put this issue in the bugtracker for the next fix release.
 
Dear Igor,

here it is ;-)

However, if there is any hotfix solution for this issue please feel free to post the solution.

---------------------------------------------------------------
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
Plesk for Linux, 10.1.1, Debian Lenny, Linux 2.6.18-5-amd64

PROBLEM DESCRIPTION AND STEPS TO REPRODUCE
After Update from Plesk 10.0.1 to 10.1.1, the DNSBL is checked prior to the checking for SNTP AUTH on port 25. This breaks the connection for IP's listed on DNSBL (like dynamic IP's) even before they have a chance to authenticate.
Plesk is set to use qmail (default setting).
Also putting the IP on the whitelist should skip DNSBL, but Whitelisting has no effect to the DNSBL checking.

ACTUAL RESULT
Immediately after connecting to port 25 for a SMTP session, the connection is ended by DNSBL checking if the connecting IP is listed in DNSBL. There is no chance to authenticate before.
Putting the IP on the Whitelist will not skip the DNSBL check, the connection is also ended by DNSBL check if the IP is on the whitelist.

EXPECTED RESULT
The SMTP AUTH should be processed first, giving mailbox owners the chance to use SMTP with authentication also on port 25. Only for unauthenticated sessions, the DNSBL check should be performed.
If the IP is entered on the whitelist, DNSBL should be skipped and the IP should be allowed to do the session.

ANY ADDITIONAL INFORMATION
--------------------------------------------------------------
 
Last edited:
Thank you. I have forwarded it to developers. I will update thread with any useful information as soon as I receive it.
 
Use the attached binary for deb50x64. Enable/disable DNSBL to force it to recreate config.
 

Attachments

  • mailmng.zip
    168.4 KB · Views: 8
having this same problem, all my clients on dynamic address, even though they auth on smtp DNSBL still drops them.
 
Add one more to the pot - suspect same issue

Some clients are experiencing this: when DNSBL is enabled, they can no longer use SMTP. Server drops the connection before the attempts are even logged.

I tried the "mailmng.zip" quick fix for Debian but it caused some Exceptions on the mail server settings page. Unless I should start a new thead for it, I guess I'm requesting a version of this fix in RHEL5 flavor.
 
You must log in or register to reply here.
Back
Top