[pmg-devel] [RFC pmg-docs 2/2] add white- and blacklist clarification

Wed May 27 17:57:50 CEST 2020

The 'ifndef' lines will need further looking into. Will send a v2.

On 5/27/20 5:42 PM, Mira Limbeck wrote:
> The difference between the 3 whitelists and 2 blacklists is not
> explained anywhere in the docs and leads to confusion all the time.
> To improve this situation add an overview over the different white- and
> blacklists explaining how they work and at which level.
>
> Signed-off-by: Mira Limbeck <m.limbeck at proxmox.com>
> ---
> The location of this new section is based on the comment from:
> https://pve.proxmox.com/pipermail/pmg-devel/2019-November/000778.html
>
>   pmgconfig.adoc | 43 +++++++++++++++++++++++++++++++++++++++++++
>   1 file changed, 43 insertions(+)
>
> diff --git a/pmgconfig.adoc b/pmgconfig.adoc
> index 62944c3..919fa8c 100644
> --- a/pmgconfig.adoc
> +++ b/pmgconfig.adoc
> @@ -186,6 +186,49 @@ you change the configuration using the GUI or API.
>   NOTE: Modified templates from `/etc/pmg/templates/` are automatically
>   synced from the master node to all cluster members.
>   
> +[[pmgconfig_whitelist_overview]]
> +White- and Blacklists
> +---------------------
> +
> +{pmg} has multiple white- and blacklists. It differentiates between the
> +xref:pmgconfig_mailproxy_options[SMTP Whitelist], which is responsible for
> +avoiding greylisting, SPF and DNSBL checks. The rule based whitelist and the
> +user whitelist.
> +In addition to the whitelists there are 2 separate blacklists. The rule based
> +one and the user blacklist.
> +
> +SMTP Whitelist
> +~~~~~~~~~~~~~~
> +
> +The xref:pmgconfig_mailproxy_options[SMTP Whitelist] is responsible for disabling
> +greylisting as well as SPF and DNSBL checks.
> +
> +Rule-based White-/Blacklist
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +The
> +ifndef::manvolnum[]
> +xref:chapter_mailfilter[rule-based white- and blacklists]
> +endif::manvolnum[]
> +are predefined rules. They work by checking the attached 'Who' objects
> +containing e.g. a domain or a mail address for a match. If it matches the
> +assigned action is used, which by default is 'Accept' for the whitelist and
> +'Block' for the blacklist. In the default setup the blacklist has priority
> +over the whitelist and spam checks.
> +
> +User White-/Blacklist
> +~~~~~~~~~~~~~~~~~~~~~
> +
> +The user white- and blacklist are user specific. Every user can add mail addresses
> +to their white- and blacklist. When a user adds a mail address to the whitelist,
> +the spam score will be disabled. This can help the mail being accepted, but it
> +still depends on the other rules what happens next. By default it will be accepted
> +as it is not recognized as spam and quarantined (spam score of 3 or higher).
> +
> +For mail addresses on a user's blacklist the spam score will be increased by 100.
> +It still depends on the rule system what happens when a spam score that high is
> +encountered. In the default setup it will be recognized as spam and quarantined
> +(spam score of 3 or higher).
>   
>   [[pmgconfig_systemconfig]]
>   System Configuration