Automatic whitelisting

This section contains scripts that hMailServer has contributed with. hMailServer 5 is needed to use these.
bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-25 14:34

ok ran that command and got

Image

however hamil still wont white list on its own.

i went into the event log and from the line:

"25/01/2011 12:26:32" " spawning new awl update process (C:\Program Files\hMailServer\Events\EventHandlers_awl_update.vbs)"

i copied "C:\Program Files\hMailServer\Events\EventHandlers_awl_update.vbs" from it and pasted into the run box and click run.

that worked and copied all the email addresses from the adresses i had been sending all the tests to.

so it just seems that hmail doesnt want to run the script or is trying an windows wont let it.

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-25 16:05

also,

i added the extra line of "write_log (" spawning new awl update process 2 ("& vbs_update_wl &")")" after the command to run the update to see whether that appears in the event log.

it doesnt, the script is terminating on "WshShell.run vbs_update_wl, 1, false" and not going any further.

as mentioned, if i double click on eventhandlers_awl_update.vbs and run it, then it adds all the addresses. so that works. if i double click eventhandlers.vbs and run that it doesnt add the addresses to the whitelist. so does that confirm the eventhandlers.vbs script is faulty and not hmail? or can you not run the eventhandlers.vbs anyway (even on a working install)?

anyone care to lend me a copy of their eventhandlers.vbs file?
fyi this is where i entered the extra line:

If upd = True Then
write_log (" execute update")
write_log (" spawning new awl update process 1 ("& vbs_update_wl &")")
WshShell.run vbs_update_wl, 1, false
write_log (" spawning new awl update process 2 ("& vbs_update_wl &")")




End If

Thanks
Matt.

philg
Normal user
Normal user
Posts: 38
Joined: 2008-05-03 15:49

Re: Automatic whitelisting

Post by philg » 2011-01-25 17:03

OK, my final suggestion is to change the path for the VBS script (as I tried to suggest in an earlier post).

In Eventhandler.vbs, near the top, change

Code: Select all

Public Const vbs_update_wl = "C:\Program Files\hMailServer\Events\EventHandlers_awl_update.vbs"

to 

Public Const vbs_update_wl = "C:\Progra~1\hMailServer\Events\EventHandlers_awl_update.vbs"


(I'm assuming that path is the correct shortname for c:\program files - sometimes its not esp. on a 64bit server maybe)
do a

Code: Select all

DIR /X
from C:\ to check the short names assigned to each folder.

If that does not work, I'm completely lost as to what else to try.

Let me know....
Phil

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-25 17:37

Hi Phil,

sorry missed that in your earlier posts. The paths are in full as i copy and pasted from explorer address bar the location of the events folder.

not to worry, thanks for your help so far and atleast i can manually run the script if needed.

I have a working v4 install with the whitelist, but was just trying to get a v5 working as the v4 would lock up when people did mass mail outs.

hopefully someone else may have some thoughts, or hopefully auto-whitelist will be in the next verison of hmail.

we have auto-whitelisting and greylisting on our GFI Mail essentials but dont like iis smtp servers lack of real-time logging.

Thanks
Matt.

User avatar
mattg
Moderator
Moderator
Posts: 19994
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Automatic whitelisting

Post by mattg » 2011-01-25 17:49

I guess a good time to check the basics...

Is scripting enabled in hmailserver?
Is script type set to VB Script?
Are you reloading the script and checking syntax after each change to the eventhandlers.vbs?

Does your eventhandlers.vbs do anything else? Does that work?

Also
bathroomfloormatt wrote:if i double click eventhandlers.vbs and run that it doesnt add the addresses to the whitelist. so does that confirm the eventhandlers.vbs script is faulty and not hmail? or can you not run the eventhandlers.vbs anyway (even on a working install)?
Eventhandlers.vbs typically won't do anything when run on it's own. It will normally only be fired when hMailserver calls the specific sub routines contained in eventhandlers.vbs

A default eventhandlers.vbs is just commented out sub routine names and commented out end sub statements. Essentially it is an empty file.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-25 17:56

SORTED!!!!!!!!!!!!!!! ------------- Thanks for everyones help.

dont ask me why but i changed this:

WshShell.run vbs_update_wl, 1, false

to this:

WshShell.run"""C:\Program Files\hMailServer\Events\EventHandlers_awl_update.vbs""", 1, false

found a post on the internet where it said to put in the extra "

not sure why it doesnt work without the extra "

so now i can send emails through hmail and it adds then to the whitlist.

Thanks again for everyones help, especially philg.

p.s dont know much about scripts and code, but if you happen to drive a volvo 850 t5\t5r\r i know them pretty much inside out.

Matt.

philg
Normal user
Normal user
Posts: 38
Joined: 2008-05-03 15:49

Re: Automatic whitelisting

Post by philg » 2011-01-25 18:14

I was explicitly asking for you to use SHORT paths not FULL paths because of this.
If you had tried the short version as I suggested, I bet it will work.

Its almost the same as the double quotes... basically it cant cope with the space in the file/folder name (thus my shorternd version would be OK).

But never mind, you have fixed it with a slightly different mod (by enclosing the path inside the string in quotes). :D
At least your up and running now - don't forget your using my modified version of the other VBS too (just in case you ever find problems with it).

Thanks,
Phil

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-25 19:44

philg wrote:I was explicitly asking for you to use SHORT paths not FULL paths because of this.
If you had tried the short version as I suggested, I bet it will work.

Its almost the same as the double quotes... basically it cant cope with the space in the file/folder name (thus my shorternd version would be OK).

But never mind, you have fixed it with a slightly different mod (by enclosing the path inside the string in quotes). :D
At least your up and running now - don't forget your using my modified version of the other VBS too (just in case you ever find problems with it).

Thanks,
Phil
ahhhhh, yes have just re-read back and you did say:

"For me its "D:\Progra~1\hMailServer\Events\EventHandlers_awl_update.vbs"
I just noticed that I've used short paths (progra~1) - maybe there is a long file name issue. You could check that too."

will try using short paths to see if it would have made it work.

will let you know, and if it does work will write a full groveling apology for wasting your time - lol.

but seriously, thanks for your help phil much appreciated. Have backed up a copy of your script as i will be upgrading a v4 install shortly and a copy will be going on that aswell.

Thanks
Matt.

philg
Normal user
Normal user
Posts: 38
Joined: 2008-05-03 15:49

Re: Automatic whitelisting

Post by philg » 2011-01-25 20:00

OK no problem - I'm glad to be able to feed back to the community which has helped me here several times :). Now all I need to do is to publish all my other little tweaks, changes and scripts - but that will take me a little more time!

mns17
Normal user
Normal user
Posts: 124
Joined: 2008-06-18 11:13

Re: Automatic whitelisting

Post by mns17 » 2011-01-27 06:56

Hi All!
It's my variant a script:

Code: Select all

Public obApp
Public Const iplocalhost = "1.1.1.1"
Public Const user = "Administrator"
Public Const pw = "password"

Sub OnAcceptMessage(oClient, oMessage)

  If oClient.Username <> ""  Or oClient.IPAddress = iplocalhost Then
     Set obApp = CreateObject("hMailServer.Application")
     Call obApp.Authenticate(user, pw)   
     register_emailadress oMessage
  End If   
   
End Sub

sub register_emailadress(oMessage)
   Dim erg
   Dim tmp
   Dim j
   Dim Domain_to
   Dim in_excluded
   Dim make_write
   dim oMesRep 

   Set obRecipients = oMessage.Recipients
   erg = ""
   RecSpis = ""
  For i = 0 to obRecipients.Count - 1
  Set obRecipient = obRecipients.Item(i)
  tmp = obRecipient.Address
  Domain_to = Split(lcase(tmp),"@")  

  in_excluded = False

  On Error Resume Next
  Dim obDomain
  Set obDomain = obApp.Domains.ItemByName(Domain_to(1))

    if Err = 0 then
      Set obAccount = obDomain.Accounts.ItemByAddress(tmp)
        if Err = 0 then
        in_excluded = true
        end if   
    end if

    If not in_excluded Then   
    Set whtlst = obapp.Settings.AntiSpam.WhiteListAddresses
    make_write = 0
      For j = 0 To whtlst.Count - 1
        Set wlo = whtlst.Item(j)
          If wlo.Description = "zvbs_" & tmp OR wlo.Description = Domain_to(1) Then
          make_write = 1
          Exit For
          End If          
      Next
      if make_write = 0 Then
      Set nwl = whtlst.Add
      nwl.LowerIPAddress = "0.0.0.0"
      nwl.UpperIPAddress = "255.255.255.255"
      nwl.emailaddress = tmp
      nwl.description = "zvbs_" & tmp
      nwl.Save  
      Set oMesRep = CreateObject("hMailServer.Message")
      oMesRep.From = "mailer-daemon@mydomain.ru"
      oMesRep.FromAddress = "mailer-daemon@mydomain.ru" 
      oMesRep.Subject = "Add to WhiteList" 
      oMesRep.AddRecipient oMessage.FromAddress, oMessage.FromAddress
      oMesRep.Body = "e-mail: " & tmp & " add to WhiteList on mailserver mydomain.ru"
      oMesRep.Save 
      End If
    End if
  tmp = ""
  Next  
End Sub
description my be:
domain.com or zvbs_user@domain.com

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-31 14:40

Just thought i would update.

using "Progra~1" instead of "program files" seems to have fixed the original issue.

i have loaded the original version 9 script and that works and has added all the mailserver ip addresses to the whitlist aswell.

have gone back to using phils optimised version for stability reasons.

Thanks
Matt.

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-01-31 17:45

Just a thought,

does anyone have any thoughts on how to have 2 installs of hmail with the autowhitelist syncing their whitelists?

maybe have the emailaddresses.txt file on the network and have the scripts on each install using it. maybe with philg script with file locking?

The reason for this in my setup would be as we has 2 internet facing hmail servers forwarding onto exchange. we have 2 for redundancy, but only one is used for outgoing email. The server that gets the ouitgoing emails is able to populate its whitelist. however the other server isnt able to. so would be nice if they could share a common list.

matt.

philg
Normal user
Normal user
Posts: 38
Joined: 2008-05-03 15:49

Re: Automatic whitelisting

Post by philg » 2011-02-01 01:49

Urm, I don't see a problem with that in theory but really only in practise will you know if it works.

However, the locking in my version is more against multiple updates of hMailserver and the log files (which you can keep separate anyway) rather than the white list text file(s) - you might need file locking around that too - I think that's in the main eventhandler.vbs though (and I cant remember if I implemented locking there).

So basically be aware that my update mod that you have probably wont implement locking around the text files which might be important.

Of course, the same locking system can apply - really I need a simple function "lock" and "unlock" which can be used multiple times - but that would be coding and testing I don't have time for right now :(

EDIT: If only one server is sending email then in theory you will only have one server writing the file. So you might be OK without locking in the eventhandler.vbs. The problem is, you don't really want to test the theory on a production system, and a test system probably wont exhibit the load in which locking may be important.


Thanks,
Phil

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-02-17 16:56

quick question:

running philg's moddified script (thanks philg and andyp for the original) - so far nice and stable.

noticed this in the logs:

02/2011 14:45:40" "Start updating whitelist"
"17/02/2011 14:45:40" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:41" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:41" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:42" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:42" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:43" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:45:43" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:28" " Cleared whitelist."
"17/02/2011 14:46:42" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:43" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:43" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:43" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:44" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:44" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:45" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:45" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:45" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:46" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:46:47" "**** Unable to run a second instance of awl_update! ****"
"17/02/2011 14:47:06" " Added addresses of emailaddressfile."
"17/02/2011 14:47:18" " Added addresses of whitelistfile."
"17/02/2011 14:47:18" " Added distribution list members to whitelist successful."
"17/02/2011 14:47:18" "End updating whitelist"

I have noticed that sometimes an address isnt added to the whitelist.

what does the above mean?

Thanks
Matt.

philg
Normal user
Normal user
Posts: 38
Joined: 2008-05-03 15:49

Re: Automatic whitelisting

Post by philg » 2011-02-17 23:24

Hi Matt,

Thats from my modified script - I think its because the AWL is locked (more than one email at the same time) - which perhaps would have caused problems if it were not for my changes - cant be 100% sure its been several weeks since I last looked - I will try and check later.

Thanks,
Phil

bathroomfloormatt
New user
New user
Posts: 15
Joined: 2011-01-19 16:39

Re: Automatic whitelisting

Post by bathroomfloormatt » 2011-02-18 13:45

Hi phil,

yes thats from your script. Has been totally stable so far and have not had to stop-start hmail once whilst running it.

just wasnt sure if the "file locking" would stop all email addresses being added to the whitelist - ie if a load of emails go through hmail the auto whitelisting script will take the first one then ignore the rest untill its free then do another address. so basically miss the emails in between.

or can it capture every email address that goes through even if a 1000 emails were sent through hmail at once.

thanks
Matt.

andyp
Normal user
Normal user
Posts: 191
Joined: 2008-01-18 21:00

Re: Automatic whitelisting

Post by andyp » 2011-09-03 17:39

I like some of the further development and integrated it into my script in the last days, I also switched to database backend as the data store, so we don't have the instability by simulaneously writing/reading in files. Test it and will post the new script in the next days.

chrislees
Normal user
Normal user
Posts: 63
Joined: 2006-11-04 18:30
Location: UK

Re: Automatic whitelisting

Post by chrislees » 2011-12-04 22:17

Don't overlook the basics...

After a minor disaster needing a server rebuild I made some mistakes requiring that I put AWL back in manually (backup not as complete as I thought it was!). I have spent the last 3 hours and 40 minutes attempting to fix the error

"ERROR" 2568 "2011-12-04 20:09:08.334" "Script Error: Source: (null) - Error: 80070002 - Description: (null) - Line: 155 Column: 3 - Code: (null)

which I have fixed in the past but couldn't remember well enough to replicate from memory.

I went through the entire post attempting all the offered solutions and recognising most of them from a couple of years ago.

Nothing worked, until...



Scripts must be reloaded every time you change something in EventHandlers.vbs! A couple of years ago that was second nature but it is a tribute to hMailServer and those involved in writing it that I have to spend so little time maintaining it that I completely forgot that fact!

Thanks to those who keep it working so well, and thanks to those who contribute to the forum!!!
hMailServer 5.4 (1931)

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-14 16:01

I have installed also the vb scrip. And I get e-mail addresses in the emailaddresses.txt file. But nothing else happens. Is that correct? I had expected de addresses also into the settings > Anti-spam > White listing table. But nothing there. Probable I don’t quite understand how this script is working and what it does. I have now read this thread several times and still understand exactly what it does :-(

Can someone tell me list in a few words technical how it works and what it does? So I understand the script….

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 02:07

Did you reload scripts in hmail admin / settings / advanced / scripts after changing your eventhandlers.vbs ?

If not then do it otherwise please post the complete copy of your eventhandlers.vbs here.

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-15 11:05

Maybe have I more specified my questions.

-What is the meaning of the file emailaddresses.txt.
-The whitelist is cleared after a while. After how many days will it be cleared. And will be the complete list cleared?
-Updating the white list. Then we are speaking about the settings > Anti-spam > White listing table?

Code: Select all

	If upd = True Then
		write_log ("    execute update")
		if fs.FileExists(vbs_update_wl) then
			WshShell.run(vbs_update_wl)
		else
			write_log ("      Error, cannot find: " & vbs_update_wl)
		end if
	End If
-upd is never set. I must set it to true before the whitelist is updated?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 11:12

percepts wrote:please post the complete copy of your eventhandlers.vbs here.
I'm not prepared to play guessing games with a complex script like this. Either you post what has been requested or you can work it out yourself. You can obfuscate anything sensitive such as email addresses in the script.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 11:16

I would add that greylisting only happens once for an email address. The address is then automatically whitelisted in grey listing for the amount of days set in the greylisting setup. So you really shouldn't need this script unless its critical that any incoming email is never greylisted.

Also using this script will stop any other spam checking on mail from anyone you have sent email to. Do you really want that to happen?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 13:13

percepts wrote:I would add that greylisting only happens once for an email address.
Correction, that should read:

"I would add that greylisting only happens once for an IP Address."

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-15 14:10

Hi Percepts.

I use the original EventHandlers.vbs from awl_v5_version9.zip [7.25 KiB]

I have now read several time the script now And I think I understand now how it works. The file emailaddresses.txt contains the e-mail addresses and keep track of when a address has to be removed.
But after how many days will a address be removed? I see something about remember_wl_address = 180. Is this 180 hours or 180 days?

Assume it is days. Is the record update every time a message for this address is sent for 180 days?
Or let I say it different. Will be on the emailaddresses.txt the e-mail address get the last date when again a message is sent to it.

And when an address has to be removed, the complete whitelist will be clear and rebuild from the emailaddresses.txt file?
I have entry’s on the whitelist and they must stay on it. Then I have to put them into the whitelist.txt file. Otherwise I lost them if I‘m right. If so can anyone tell me what the correct way is to fill the whitelist.txt? Something like Description Lower IP Upper IP E-mail address?
percepts wrote:I would add that greylisting only happens once for an email address. The address is then automatically whitelisted in grey listing for the amount of days set in the greylisting setup. So you really shouldn't need this script unless its critical that any incoming email is never greylisted.

Also using this script will stop any other spam checking on mail from anyone you have sent email to. Do you really want that to happen?
Your completely right. But because some companies have no prior to configure their SPF or MX records correct of their own domain and usage for example google mailserver for sending it.
We have a lot complains because the email becomes too late. Especially with google and outlook (gray problem: http://www.hmailserver.com/forum/viewto ... =7&t=24139)

So I’m look for an alternative. Because it is not working to add all these google and outlook ip addresses of their mail servers and maintain them. Or maybe you have a better alternative?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 14:34

I never used this script so I don't have answers for you about what the script actually does. But reading script and the documentation that comes with it in the zip file should answer all your questions.

But I still think greylisting without the script should work well if greylisting is configured well.

If you try following settings for greylisting and disable script while you try it.

minutes to defer = 4
days before removing unused record = 2
days before removing used records = 365

the first of these, "minutes to defer", is the most critical. gmail will retry to send quite quickly, less than 7 minutes so if this value is too high it will go back to gmail a second time and the third time gmail tries to send is a much longer wait.

Most spammers don't retry to send so infact setting minutes to defer=4 would stop most high volume spammers whilst letting through gmail, yahoo etc on their first retry which happens quite quickly.

So is between 2 and 5 minutes (whichever you choose) really too long to wait ?

If the senders server isn't configured to retry in a sensible time frame then they should be configuring their server properly and you should NOT need to be reducing your security levels to accomodate their badly configured mail server.

What setting do you have in minutes to defer ?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-15 14:46

Using bypass greylisting on SPF pass should allow all gmail through without problems.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-16 07:11

From the file awl_script.txt you must take the section "Global variables and settings" and place it at the top of your eventhandlers.vbs script (under option explicit).

From the file awl_script.txt you must take the contents of onAcceptMessage and place it in your onAcceptMessage sub of eventhamdlers.vbs. Make sure onAcceptMessage is not commented out and that includes the End Sub

From the file awl_script.txt you must take the section "Automatic Whitelist" and all sections below and palce at bottom of your evenhandlers.vbs script file.

modify any of the constants at the top that you want to modify.
save eventhandlers.vbs

Then reload scripts and check syntax from hmailadmin.

Then edit file whitelist.txt. The format is ( I think ) one per line.

user@domain.com

Then modify any constants you want in file EventHandlers_awl_update.vbs

Then to add those addresses you must run EventHandlers_awl_update.vbs manually (you can run this using task scheduler every x days if you want). Just double click on it to run it manually.

Now the code in eventhandlers.vbs will add new ones from authd senders automatically according to the const settings you have made.

That is how I read it but I have never used this script. Its upto to you to understand the maintenance scripts you are using. As I said in my reply in other thread:
Answer is yes you could if you know how to code VBScript and understand how to use the COM API and scripting in hMail.
The answers to your questions are in the files and code which are in the zip file and in the hmail online docs.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-16 08:52

foget above manual run, I was wrong. It is run from eventhandlers.vbs from the code you posted.

User avatar
mattg
Moderator
Moderator
Posts: 19994
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Automatic whitelisting

Post by mattg » 2013-11-16 14:38

percepts wrote:
percepts wrote:I would add that greylisting only happens once for an email address.
Correction, that should read:

"I would add that greylisting only happens once for an IP Address."
That should read 'greylisting only happens once for an IP address, SENDER and recipient Triplet'. A new sender or recipient will mean a new greylisting triplet even if the same IP is used.
percepts wrote:Using bypass greylisting on SPF pass should allow all gmail through without problems.
While this is true, hMailserver also accepts a SPF record that ends in '+all' (which means ANY IP address) and so all badly configured SPF records (and there are tens of thousands of such domains) will ALSO bypass greylisting - which is bad.

The solution for greylisting and gmail senders is to either accept that mail from new senders will take upto a day to arrive, or to whitelist ALL gMail Mail servers (there are only 12 or 14 I think)
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-16 15:09

I've been looking at this in some more detail as its part of hmail I don't know much about.

It is horrendously complicated by the fact that table hm_whitelist is indexed using an auto increment value and not email address AND there is no read whitelist by email address method. If email addresses were indexed then just doing an add would either insert of fail if it already existed. But as it is now add always works and yu end up with duplicate values.

I figure currently it works fine for greylisting but for auto whitelisting it doesn't, but then it wasn't designed for auto whitelisting from script.

And since you can't auto greylist whitelist on send because recipient IP isn't available unless you read the log smtpc lines, the coding required to handle autowhitelisting becomes complicated and inefficient, especially if you have a busy server.

I'm inclined to agree with your assessment Matt.

There may only be a few CIDR format gmail IPs (18 in SPF I think including IPv6) but I tested CIDR format in greylist whitelist and they don't work, i.e. you need to put individual IP's or wildcard IPs but there are hundreds (possibly thousands) of those.

The simplest way of whitelisting all gmail, yahoo, etc would be to use spam whitelist by domain using domain wildcard as in *@gmail.com entered in the email address. That way you only need one per domain.

If you know all your client domains then that should be a fairly simple manual operation (unless you have hundreds) and negates the need for a script. Then just add new ones as necessary.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-16 16:15

OK I wrote a much simplified script which auto whitelists recipient email addresses when sent from auth'd senders. However it doesn't have all the reporting and cleanup and manual loading mechanisms that AndyP script has. But if you don't want all that then this works.

The potential downsides to this script are, firstly it may quickly build a very large whitelist if you are sending to hundreds or more recipients. And secondly because it has to trawl through the full whitelist to check if the address is already in list(no method available to read by email address), it will become slow if the list grows to hundreds or more entries. But then again, it isn't using any external files with open and closes which slows down hMail.
Also no Spam checking on anything in whitelist, i.e. when you send to anyone then anything they send to you is not spam checked.

Having said that, this is what you wanted.

I did quick testing and it seems to work fine with gmail address I tested with greylisting switched on. i.e. it created whitelist and then it let gmail address straight through.

Place code in your onAcceptMessage Sub (in eventhandlers vbs) and set your admin password in code. Save and reload scripts. It's as simple as that.

Code: Select all

'--------------------------------------------------------
' Auto Whitelist recipients from auth'd senders
'--------------------------------------------------------
If oClient.Port = 25 Then  ' set your smtp sending port number here
 If oClient.Username <> "" Then
  Dim oApp
  Dim oWhitelistAddresses
  Dim oWhitelistAddress
  Dim oRecipient
  Dim bAlreadyInWhiteList
  bAlreadyInWhiteList = False
  Set oApp = CreateObject("hMailServer.Application") 
  Call oApp.Authenticate("Administrator","password") ' *** set your administrator password in this line ***
  Set oWhitelistAddresses = oApp.Settings.AntiSpam.WhiteListAddresses
  For oRecipient = 0 to oMessage.Recipients.Count-1
   If Not oMessage.Recipients(oRecipient).IsLocalUser Then
    For oWhitelistAddress = 0 to oWhitelistAddresses.Count-1
     If oWhitelistAddresses(oWhitelistAddress).EmailAddress = oMessage.Recipients(oRecipient).Address Then
      bAlreadyInWhiteList = True
     End If
    Next
    If bAlreadyInWhiteList = False Then
     Set  oWhitelistAddress = oWhitelistAddresses.Add      
     oWhitelistAddress.LowerIPAddress = "0.0.0.0"
		   oWhitelistAddress.UpperIPAddress = "255.255.255.255"
		   oWhitelistAddress.emailaddress = oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.description = "Auto Add Recipient " & oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.Save
		  End If 
		 End If 
  Next
 End If 
End If

'--------------------------------------------------------


percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-16 17:18

quick mod to above:

Add line after: bAlreadyInWhiteList = True so it looks like:

Code: Select all

bAlreadyInWhiteList = True
Exit For
this is just to save some processing

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-17 19:34

Nice works. I assume you put this code in the eventhandler.vbs on the Sub OnAcceptMessage(oClient, oMessage)

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-17 20:41

yes

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-18 02:04

I made a some basic mods to code. Basically to put a Date in the description so that you have possibility to remove old entries from whitelist using some script at a future time if you want/need to. Original above still works fine but this is slightly better.

Code: Select all

'--------------------------------------------------------
' Auto Whitelist recipients from auth'd senders
'--------------------------------------------------------
If oClient.Port = 25 Then  ' set your smtp sending port number here
 If oClient.Username <> "" Then
  Dim oApp
  Dim oWhitelistAddresses
  Dim oWhitelistAddress
  Dim oRecipient
  Dim InWhiteList
  InWhiteList = False
  Set oApp = CreateObject("hMailServer.Application") 
  Call oApp.Authenticate("Administrator","password") ' set your administrator password in this line 
  Set oWhitelistAddresses = oApp.Settings.AntiSpam.WhiteListAddresses
  For oRecipient = 0 to oMessage.Recipients.Count-1
   If Not oMessage.Recipients(oRecipient).IsLocalUser Then
    For oWhitelistAddress = 0 to oWhitelistAddresses.Count-1
     If oWhitelistAddresses(oWhitelistAddress).EmailAddress = oMessage.Recipients(oRecipient).Address Then
      InWhiteList = True
      Exit For
     End If
    Next
    If Not InWhiteList Then
     Set  oWhitelistAddress = oWhitelistAddresses.Add      
     oWhitelistAddress.LowerIPAddress = "0.0.0.0"
		   oWhitelistAddress.UpperIPAddress = "255.255.255.255"
		   oWhitelistAddress.emailaddress = oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.description = Date & " Auto Add Recipient " & oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.Save
		  End If 
		 End If 
  Next
 End If 
End If

'--------------------------------------------------------

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-18 05:47

Another mod.
Script now updates the whitelist description with current date if address is already in whitelist. This is so that if you write a script to delete anything in whitelist which is older than x days, anyone you have been sending email to recently won't get deleted. But you need to write your own script to do that if you want to.

Code: Select all

'--------------------------------------------------------
' Auto Whitelist recipients from auth'd senders
'--------------------------------------------------------
If oClient.Port = 25 Then  ' set your smtp sending port number here
 If oClient.Username <> "" Then
  Dim oApp
  Dim oWhitelistAddresses
  Dim oWhitelistAddress
  Dim oRecipient
  Dim InWhiteList
  InWhiteList = False
  Set oApp = CreateObject("hMailServer.Application") 
  Call oApp.Authenticate("Administrator","password") ' set your administrator password in this line 
  Set oWhitelistAddresses = oApp.Settings.AntiSpam.WhiteListAddresses
  For oRecipient = 0 to oMessage.Recipients.Count-1
   If Not oMessage.Recipients(oRecipient).IsLocalUser Then
    For oWhitelistAddress = 0 to oWhitelistAddresses.Count-1
     If oWhitelistAddresses(oWhitelistAddress).EmailAddress = oMessage.Recipients(oRecipient).Address Then
 		   oWhitelistAddresses(oWhitelistAddress).Description = Date & " Auto Add Recipient " & oMessage.Recipients(oRecipient).Address
	 	   oWhitelistAddresses(oWhitelistAddress).Save
      InWhiteList = True
      Exit For
     End If
    Next
    If Not InWhiteList Then
     Set  oWhitelistAddress = oWhitelistAddresses.Add      
     oWhitelistAddress.LowerIPAddress = "0.0.0.0"
		   oWhitelistAddress.UpperIPAddress = "255.255.255.255"
		   oWhitelistAddress.emailaddress = oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.description = Date & " Auto Add Recipient " & oMessage.Recipients(oRecipient).Address
		   oWhitelistAddress.Save
		  End If 
		 End If 
  Next
 End If 
End If

'--------------------------------------------------------


Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-21 16:49

Hi,

You use If oClient.Port = 25 Then ' set your smtp sending port number here But what if users sent there e-mail with imap or use the alternative port 587. Works this script then also?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-21 16:53

That test is not really necessasry. You can take it out. i.e. The first line:

Code: Select all

If oClient.Port = 25 Then  ' set your smtp sending port number here 
and the last line

Code: Select all

End If

User avatar
mattg
Moderator
Moderator
Posts: 19994
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Automatic whitelisting

Post by mattg » 2013-11-21 23:50

Greta wrote:... But what if users sent there e-mail with imap
IMAP is for downloading / storing mail.

If mail is 'sent' it is sent via SMTP
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-24 19:35

To add an recipient to the whitelist you use oWhitelistAddress = oWhitelistAddresses.Add But how to delete a recipient? I have found DeleteByDBID(long DBID) But what is the long DBID? And how do I get this long DBID from a specified field.

And if I delete them directly from the database and after that I do a oWhitelistAddresses .Refresh will the whitelist then reloaded?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-24 20:24

Following code should be saved in a new file. Call it WhitelistCleanup.vbs and place the file in your hmailserver/events folder.
You can run it manually by double clicking on it and/or you can setup a windows scheduled task to run it every day.

It deletes entries added by above script which are older than x days. Just make sure the description contains "Auto Add Recipient" in both scripts.

The effect is to remove anyone from the whitelist you have not been communicating with for the last x days so that the whitelist doesn't become too big.

Code: Select all

'Force error on undeclared variables
Option Explicit
'--------------------------------------------------------------------------
' Cleanup of Whitelist entries created with Auto Add Recipient to whitelist
'--------------------------------------------------------------------------
Dim oApp
Dim oWhitelistAddresses
Dim oWhitelistAddress
Dim Days
Days = 180  ' *** set age in days of Auto Add Recipient whitelist entries to be deleted
Dim WLDate
Dim oEventLog

Set oApp = CreateObject("hMailServer.Application") 
Call oApp.Authenticate("Administrator","password") ' set your administrator password in this line 
Set oEventlog = CreateObject("hMailServer.EventLog")
Set oWhitelistAddresses = oApp.Settings.AntiSpam.WhiteListAddresses
For oWhitelistAddress = 0 to oWhitelistAddresses.Count-1
 if (InStr(1, oWhitelistAddresses(oWhitelistAddress).Description, "Auto Add Recipient", 1) > 0) Then
  WLDate = Mid(oWhitelistAddresses(oWhitelistAddress).Description,1,10) 
  if DateDiff("d", WLDate, Date) >= Days then
   oEventLog.Write("Whitelist Delete: " & oWhitelistAddresses(oWhitelistAddress).EmailAddress)
	  oWhitelistAddresses(oWhitelistAddress).Delete
  End If
 End If 
Next

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Automatic whitelisting

Post by percepts » 2013-11-24 22:02

Also,
I'm not sure what WhitelistAddresses.Refresh does. I presume it means whitelistAddresses are held in memory but I don't know for sure. However, you can add following line to end of above script as it won't harm anything (I think)

oWhitelistAddresses.Refresh

Perhaps it should be done in the add script as well, I'm not sure.

Greta
Senior user
Senior user
Posts: 306
Joined: 2007-01-02 13:23
Contact:

Re: Automatic whitelisting

Post by Greta » 2013-11-28 09:17

Thanks for the help. It works!!.

tomtom76
Normal user
Normal user
Posts: 31
Joined: 2012-04-05 16:16

Re: Automatic whitelisting

Post by tomtom76 » 2015-07-27 11:41

Great Work - thank you! i need this autowhitelist too

Will this work with hMailServer 5.6.3 (Build 2249) too?

User avatar
jimimaseye
Moderator
Moderator
Posts: 8070
Joined: 2011-09-08 17:48

Re: Automatic whitelisting

Post by jimimaseye » 2015-07-27 11:45

Yes.
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

timur
New user
New user
Posts: 7
Joined: 2018-05-09 08:57

Re: Automatic whitelisting

Post by timur » 2018-08-20 15:53

Hi folks,

I just used the AWS and my whitelist was more than 4.000.000 records after several days. I had to delete all records on the SQL DB to get and disable the scripts to get hMailServer running.

In the error logs I get "Out of memory" exceptions on an machine with 48 GB RAM.

Code: Select all

""ERROR"	7220	"2018-08-20 10:22:10.527"	"Severity: 2 (High), Code: HM5031, Source: ADOConnection::RecordCount, Description: Error while determining the number of rows in a recordset. ADO-Source: Microsoft Cursor Engine. ADO-Description: Out of memory.""
Is there anyone who had the same problem? Can hMailServer (latest beta) handle this high number of records in the whitelist?

Thanks in advance.

User avatar
katip
Senior user
Senior user
Posts: 671
Joined: 2006-12-22 07:58
Location: Istanbul

Re: Automatic whitelisting

Post by katip » 2018-08-20 16:49

timur wrote:
2018-08-20 15:53
I just used the AWS and my whitelist was more than 4.000.000 records after several days.
if you're an ISP, i'd suggest you look for other solutions than this script to whitelist external recipients, or better not at all.
if you're not an ISP (or enterprise sized establishment with thousands of users), you may have other issues i think.

we're a modest company with 15-20K daily volume. in 1 year about 30K addresses were collected. never cleaned anything yet.
Katip
--
HMS 5.7.0-B2428-LTS-64-bit, MySQL 5.7.24, SA 3.4.2, ClamAV 0.101.2 + SaneS

timur
New user
New user
Posts: 7
Joined: 2018-05-09 08:57

Re: Automatic whitelisting

Post by timur » 2018-08-20 17:33

if you're an ISP, i'd suggest you look for other solutions than this script to whitelist external recipients, or better not at all.
No, we're not :-) Just have one domain with 40 accounts.
we're a modest company with 15-20K daily volume. in 1 year about 30K addresses were collected. never cleaned anything yet.
And no issue with hMailServer? Mmh... I've to investigate further to this issue. But 30K addresses seems not much. Let me activate this again and look if there is another issue. I don't think there is an issue with MSSQL or the server. I don't know why the script is getting an "out of memory" exception for counting the recordset.

What I don't understand is that I exported 26676 addresses from the ERP to the whitelist.txt and I've got 205 entries in the emailaddresses.txt. I was not able to open up the whitelist with the hMailServer GUI. So how can this be to get 4.000.000 records in the database?

EDIT: I just saw that I've got 40ish wscript processes open. I had to restart my server.

Post Reply