Bug #3401
mail blacklist ignored if whitelist is empty
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-mail-filter | |||
| Target version: | v6.8 | |||
| Security class: | Resolution: | |||
| Affected version: | v6.7 | NEEDINFO: | No |
Description
A blacklisted email sender is allowed to send email if the system has no whitelisted senders.
Steps to reproduce:
1. on a system without any Rules by mail address in the Email->Filter page add an email address as a new block from
2. send an email to a user of the system from the above email address
What happens:
the email is accepted and delivered
What I expected:
the email should be refused
What I found in maillog:
May 31 11:25:16 mail amavis[16165]: (16165-03) spam-tag, <filippo.carletti@nethesis.it> -> <scanner@example.org>, No, score=x tagged _above=-1000 required=5 BLACKLISTED WHITELISTED tests=[] autolearn=unavailable
Both BLACKLISTED and WHITELISTED at the same time, white wins.
Workaround: add a fake whitelist entry as a New allow From.
Associated revisions
Safe default value for blacklists. Refs #3401
An empty array seems considered an always matching value: initialize it
with an empty element.
History
#1
Updated by Filippo Carletti about 5 years ago
Changing amavisd.conf like below corrects the problem:
-@whitelist_sender_maps = (); +@whitelist_sender_maps = ([]);
#2
Updated by Davide Principi almost 5 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.8
- % Done changed from 0 to 20
#3
Updated by Davide Principi almost 5 years ago
- Status changed from TRIAGED to MODIFIED
- % Done changed from 20 to 60
#4
Updated by Davide Principi almost 5 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-mail-filter-1.3.8-1.1.g82b2e4a.ns6.noarch.rpm
NOTE: this fix can be released also for ns7
https://github.com/NethServer/nethserver-mail-filter/pull/6
#5
Updated by Giacomo Sanchietti almost 5 years ago
- Assignee set to Giacomo Sanchietti
#6
Updated by Giacomo Sanchietti almost 5 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
Configuration file is correctly generated, mail is blocked:
Sep 5 07:58:00 test amavis[13752]: (13752-01) header_edits_for_quar: <pippo@hotmail.com> -> <giacomo@neth.eu>, Yes, score=x tag=-1000 tag2=5 kill=15 BLACKLISTED tests=[] autolearn=unavailable
#7
Updated by Giacomo Sanchietti almost 5 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-mail-filter-1.3.9-1.ns6.noarch.rpm
#8
Updated by Giacomo Sanchietti almost 5 years ago
Released also for NS 7:
nethserver-mail-filter-1.4.3-1.ns7.noarch.rpm