ISPConfig | RSPAMD: whitelist URL

Discussion in 'Installation/Configuration' started by 30uke, Jan 21, 2021.

  1. 30uke

    30uke Member HowtoForge Supporter

    Hello,
    Someone did send me an e-mail with "freemyip.com" in the content. I would like to know how I can whitelist or suppress this. The goal is to not reject such a message. Thank you.
    Code:
    DBL_ABUSE_PHISH (7.5) [freemyip.com:url]
    AUTH_NA (1)
    MIME_GOOD (-0.1) [text/plain]
    MX_GOOD (-0.01) []
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    This means freemyip.com was in a phishing blacklist. It seems like it is not anymore.

    You can lower the given score when a domain is in that blacklist, but you should not do that. Instead, if freemyip.com is blacklisted but is not a phishing site, it should be delisted.
     
  3. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    If this is a "one time" type change you could create a custom rule to subtract points for that domain in a url (I don't find a nice example of exactly that in a few minutes searching); if you expect to do this frequently it might be easier to just setup your own dns based whitelist (so eg. a query like freemyip.com.your-dnsbl.yourdomain.tld returns 127.0.0.10 to subtract 5 points, 127.0.0.20 to subtract 10 points, etc.).
     
  4. 30uke

    30uke Member HowtoForge Supporter

    The service freemyip.com is a dynamic DNS service. I use it for some of my customers running a pfSense firewall with a dynamic WAN IP. This helps me to connect to such a firewall easily. You can easily create a subdomain without having to create an account. You just have to save the whole URL for running the IP updates.
    I guess this service is also being used for illegal activities - and that might be a reason why freemyip.com ended up in some blacklist.

    I would like to know how I could create or add to a white list. When I have a customer with eg ispconfig.freemyip.com, then I would like to add that subdomain to such a whitelist. Thus when a customer sends me an e-mail with such a subdomain, it will hopefully not be blocked.

    Any ideas? Thanks.
     
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    You could whitelist this in theory, but this would whitelist all emails coming from that domain, even if it has other spam indicators. So I would not do that.
     

Share This Page