Facebook
Twitter
Pagemakers
Silver Pleskian
Understood. Thank you.
Very happy with the product so far.
Very happy with the product so far.
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Input Warden Antispam & Virus Protection Extension for Plesk
Pagemakers
Silver Pleskian
How about an option…
If score = X then move to spam folder. If score more than Y then quarantine
If score = X then move to spam folder. If score more than Y then quarantine
danami
Silver Pleskian
Warden Anti-spam and Virus Protection 2.11 has been released. Mark spam as read, improved tracking, and more! Announcement: Announcements - Danami
danami
Silver Pleskian
@Hangover2 if you open up a support ticket I will give you a hotfix for this or if you want to wait the fix will be included in the next release.
danami
Silver Pleskian
Warden Anti-spam and Virus Protection 2.12 has been released. Greylisting Management, Policy Banks, and More! Announcement: Announcements - Danami
Hangover2
Regular Pleskian
Hello @danami ,
it's nice to have the "Greylisting Management" back - as it is normally part of the standard Plesk installation.
We see only one problem: normally we need this feature by default disabled per domain because many clients do not understand when emails arrive "later". So the feature is only used for clients, that receive a lot of spam and that know about the impact, when it is enabled.
Right now in "Warden" we need first to enable it server-wide as per documentation:
"After greylising is enabled server wide you have the option of disabling greylisting per domain"
But then Greylisting is per default enabled for all domains and this is not an option for us. It would be nice - after enabling it server wide - that users can decide weather or not it should be used by an active decision / click.
it's nice to have the "Greylisting Management" back - as it is normally part of the standard Plesk installation.
We see only one problem: normally we need this feature by default disabled per domain because many clients do not understand when emails arrive "later". So the feature is only used for clients, that receive a lot of spam and that know about the impact, when it is enabled.
Right now in "Warden" we need first to enable it server-wide as per documentation:
"After greylising is enabled server wide you have the option of disabling greylisting per domain"
But then Greylisting is per default enabled for all domains and this is not an option for us. It would be nice - after enabling it server wide - that users can decide weather or not it should be used by an active decision / click.
danami
Silver Pleskian
@Hangover2 We fully support disabling greylisting per domain as per our KB article: How can I configure greylisting with Warden Anti-spam and Virus protection? - Knowledgebase - Danami
Also The greylisting feature just uses Plesk's built in implementation and supports the "plesk bin grey_listing" command line interface. You can easily add a Plesk event handler for newly created domains turning greylisting off by default. Example:
Bash:
plesk bin grey_listing --update-domain example.com -status offAttachments
danami
Silver Pleskian
@Hangover2 Here is the event that you would add if you wanted greylisting turned off for newly created domains (after greylisting is enabled server wide):
In Plesk go to Tools & Settings -> Event Manager -> Add Event Handler
In Plesk go to Tools & Settings -> Event Manager -> Add Event Handler
Code:
Event: Default domain (the first domain added to a subscription) created
Priorty: lowest(0)
User: root
Command: /usr/local/psa/bin/grey_listing --update-domain <NEW_DOMAIN_NAME> -status offdanami
Silver Pleskian
Warden Anti-spam and Virus Protection 2.13 has been released. Greylisting Settings Management, Greylisting Whitelist and Blacklists, and More! Announcement: Announcements - Danami
danami
Silver Pleskian
Warden Anti-spam and Virus Protection 2.14 has been released. Third Party Signatures, AbuseIPDB Support, and More!
danami
Silver Pleskian
Warden Anti-spam and Virus Protection 2.16 has been released. Advanced Queue Management, Debian 11 Support, and More! Announcement: Announcements - Danami
Achim Drees
Basic Pleskian
Hi, can I use it under Ubuntu 22.4?
danami
Silver Pleskian
No not yet. Remember that extension developers get new Plesk releases the same time as everyone else so we've only had access to it for less than a week. There are a number of issues that we've already identified in testing under Ubuntu 22.04 so they will have to be fixed before it's supported.
Achim Drees
Basic Pleskian
ok, thank you for the fast answer
danami
Silver Pleskian
@Achim Drees Support for Ubuntu 22.04 LTS was added. Just be advised that Ubuntu users upgrading from 20.04 to 22.04 are required to run the upgrade script /opt/psa/admin/bin/modules/warden/install.sh after dist-upgrading 
Achim Drees
Basic Pleskian
Thank you, I will try when I am back from holidays.@Achim Drees Support for Ubuntu 22.04 LTS was added. Just be advised that Ubuntu users upgrading from 20.04 to 22.04 are required to run the upgrade script /opt/psa/admin/bin/modules/warden/install.sh after dist-upgrading
Hangover2
Regular Pleskian
Hello at all Plesk Warden Anti-spam and Virus Protection users,
at the moment we are facing an outgoing spam problem caused by not blocking detected spam messages if mail was sent to an email alias address.
Steps to reproduce:
-> create an email address e.g.: [email protected]
-> create an email alias for the mailbox e.g.: [email protected]
-> switch on mail forwarding to e.g.: [email protected]
-> set spam action for the mailbox to "block" (for testing purpose maybe set spam level to -9)
If an email is sent to "[email protected]" and it is detected as spam all works fine:
-> delivery is rejected (milter-reject) and forwarding is not triggered
BUT if an email is sent to the alias address [email protected] the following happens:
-> message is still detected as SPAM
-> but it is not blocked, it is sent via postfix/pipe to the main address [email protected]
-> an then it is forwarded to the forward email address (outbound spam detected again!)
-> the provider on the other side then step by step blocks us as spammers
I know external forwarding is never a good solution, but we still need it in some cases. And the block solution would be ok for us because we set a low sensitivity. We are just wondering, why the alias email addresses of the mailbox can bypass the block rule that is working fine on the main email address of the mailbox.
Our only work-around right now is to not use alias addresses and create own mailboxes for every alias with a forwarding. But some clients will not understand / accept.
Any help or hint how to reconfigure the mail server to honor the block rule also for aliases is very appreciated. Thanks in advance!
at the moment we are facing an outgoing spam problem caused by not blocking detected spam messages if mail was sent to an email alias address.
Steps to reproduce:
-> create an email address e.g.: [email protected]
-> create an email alias for the mailbox e.g.: [email protected]
-> switch on mail forwarding to e.g.: [email protected]
-> set spam action for the mailbox to "block" (for testing purpose maybe set spam level to -9)
If an email is sent to "[email protected]" and it is detected as spam all works fine:
-> delivery is rejected (milter-reject) and forwarding is not triggered
BUT if an email is sent to the alias address [email protected] the following happens:
-> message is still detected as SPAM
-> but it is not blocked, it is sent via postfix/pipe to the main address [email protected]
-> an then it is forwarded to the forward email address (outbound spam detected again!)
-> the provider on the other side then step by step blocks us as spammers
I know external forwarding is never a good solution, but we still need it in some cases. And the block solution would be ok for us because we set a low sensitivity. We are just wondering, why the alias email addresses of the mailbox can bypass the block rule that is working fine on the main email address of the mailbox.
Our only work-around right now is to not use alias addresses and create own mailboxes for every alias with a forwarding. But some clients will not understand / accept.
Any help or hint how to reconfigure the mail server to honor the block rule also for aliases is very appreciated. Thanks in advance!
Hangover2
Regular Pleskian
Here is the patched policy rule for the problem mentioned:
The application firewall of the forum does not let me post the new sql statement. I did attach it as pdf file.
The original query was just extended in the "where" clause by another "or" condition including a sub query to catch the policy rule of the main email address if an alias address was the recipient. Without this only the domain level fallback is used leading to the problems mentioned.
After the update reload the Content Filter to apply the changes.
Feel free to test it on your own risk. Our logs look good so far, we can avoid a lot of outgoing spam now. Hopefully the patch will find its way into the Warden Anti-spam and Virus Protection mainline.
/etc/amavis/conf.d/99-wardenThe application firewall of the forum does not let me post the new sql statement. I did attach it as pdf file.
The original query was just extended in the "where" clause by another "or" condition including a sub query to catch the policy rule of the main email address if an alias address was the recipient. Without this only the domain level fallback is used leading to the problems mentioned.
After the update reload the Content Filter to apply the changes.
Feel free to test it on your own risk. Our logs look good so far, we can avoid a lot of outgoing spam now. Hopefully the patch will find its way into the Warden Anti-spam and Virus Protection mainline.
Similar threads
