Disable Greylisting

[iyebvslq]

I set up Mailcow on my home server I've noticed incoming email seem to be delayed a lot sometime 30 mins plus.

Dose Mailcow use greylisting and if so can it been disabled.

[andryyy]

Can you check the Rspamd logs from withing the panel? It does only greylist when a threshold has been exceeded.

Check if you find soft-rejects here and see their symbols. Can you post a screenshot?

[iyebvslq]

Here the screen shots

[andryyy]

You can just disable the MX check module:

cd /somewhere/mailcow-dockerized
echo "enabled = false;" > data/conf/rspamd/local.d/mx_check.conf
docker-compose restart rspamd-mailcow

[iyebvslq]

I will try that, that not the only email that got soft reject, is there anyway to disable the greylist or increases the threshold for it

[K2rool]

I think you can increase the Greylist threshold on Rspamd webui not sure if it work not tested it.

Andryyy dose the score on Rspamd webui for Greylist 4,Probably Spam 5, Spam 15 only affect user who not set a custom spam level via user settings which are stored in filterconf table as am thinking i might need to tweak it a bit on my server.

[andryyy]

I will add a way to disable greylisting.

[Xadagain]

So after more than a year of problems with "soft reject", I would like to disable greylisting, too. ( It's also recommend in the famous "Internet Service Provider Mail Guide" from https://workaround.org/ispmail:

No greylisting. Spammers nowadays seem to be too smart to fall for greylisting. Greylisting delays incoming email but hardly has any effect on spam rejection. So I decided to leave it out. Besides users appreciate if they get their email as quickly as possible. Most of them will not be happy if they need to wait several minutes for a new email.)

I have also the feeling the cost/benefit factor is not worth it.

I've tried to set the Greylisting Score in the rspamd webgui to 500. but there are still mails soft rejected:

I don't expect getting a "disable greylist"-button. But is there a quick and dirty solution? Or maybe you could tell me, which parts of mailcow are involved, so i can look myself. ( I've read that multiple modules can cause this )

[andryyy]

You can search for whatever opinion on Google and find that one "expert" to say "XY is good/bad". :-)

Greylisting is not as effective as it used to be, that's true. But it still works from time to time. And we only apply it to a high scoring mail ("probably spam" - 1). Edit: And that's important! We do not greylist everything. That would indeed be bad. I agree with the guide in that point. You should not punish all senders.

I recommend to check why a message is greylisted, or: why it scored too high. Which symbols are applied? In your example above I'd check the msg-id, is it really invalid? You could give "RCVD_INDNSWL*" a lower score (-3 or something like that).

Anyway, to disable greylisting: You should 1) update mailcow (newer Rspamd versions would not accept a value of 500 in the UI when "Probably Spam" is less than "Greylist" and 2) set "Greylist" to empty:

[Xadagain]

Thanks for that quick reply @andryyy , i already used the newest version of mailcow, but have played a little bit with the values ;)

Now i set Greylist to empty, Probably Spam to 20, subject to empty and Spam to 200. Thats because my company does not want that there are mails rejected, when there is no virus.

I will watch this a little bit, to see if everything works as expected.

and to the topic "opinions on google" i join you fully. And i would also not say that greylist is generally bad, but for my company's usecase it's not so helpful. My private Mailcow uses greylisting with default^^

[pjv]

Hi,

I've followed the instructions here for disabling greylisting - I'm on the latest update to mailcow as of today's date, and I've set the greylist setting in the UI to empty (and saved). I've also restarted not just the rspamd container, but the whole stack.

I'm still seeing soft rejects though.

[andryyy]

What does rspamd-mailcow log?

Does the user have a custom spam filter score via mailcow UI? That will probably override the empty greylist setting in Rspamd UI. You can try to reset it first.

[pjv]

What does rspamd-mailcow log?

can you tell me how to produce the specific logging you want to see?

Does the user have a custom spam filter score via mailcow UI? That will probably override the empty greylist setting in Rspamd UI. You can try to reset it first.

there are no custom user spam filter scores set up on my mailcow server (at all). They are all default and none of my users (other than me) have ever even seen the mailcow UI. i have never messed with any custom spam-related settings for myself other than to whitelist a couple addresses.

[pjv]

does this help any?

[andryyy]

That's in the docs. docker-compose logs rspamd-mailcow <- we only need those lines where it applies a greylist action, not the full logs. We also need the output of docker-compose exec rspamd-mailcow rspamadm configdump

[pjv]

I've created that stuff but it's full of emails and IP's that i don't want to post publicly. how best to send to you privately?

[andryyy]

You only need a few lines of the Rspamd logs where it applies the greylisting. Just remove the IPs and addresses there. The configdump should not contain anything pesonal (just ctrl+f to be sure :)).

[pjv]

the configdump is 105k. is there a part of it that i should extract?

here is the redacted log:

rspamd-mailcow_1     | 2018-12-27 06:05:19 #11(normal) <675bb0>; task; rspamd_task_write_log: id: <1131792599950.1101138862097.4889.0.250704JL.2002@scheduler.constantcontact.com>, qid: <A1DF415AC2A>, ip: x.x.x.x, from: <AgHDq7hznTdKKCRh3v5m7dw==_1101138862097_9/wIML7jEeOsRtSuUqRaCQ==@in.constantcontact.com>, (default: F (soft reject): [9.23/15.00] [BAYES_SPAM(8.50){100.00%;},WHITELIST_SPF_DKIM(-3.00){constantcontact.com:s:+;},URIBL_GREY(1.50){rs6.net.multi.uribl.com;constantcontact.com.multi.uribl.com;},HTML_SHORT_LINK_IMG_2(1.00){},IP_SCORE(0.85){ipnet: x.x.x.x/23(3.09), asn: 40444(1.93), country: US(-0.78);},FORGED_SENDER(0.30){updates@xxx.com;AgHDq7hznTdKKCRh3v5m7dw==_1101138862097_9/wIML7jEeOsRtSuUqRaCQ==@in.constantcontact.com;},BAD_REP_POLICIES(0.10){},MANY_INVISIBLE_PARTS(0.10){2;},MIME_GOOD(-0.10){multipart/alternative;text/plain;},HAS_LIST_UNSUB(-0.01){},MX_GOOD(-0.01){cached: in.constantcontact.com;},ARC_NA(0.00){},ASN(0.00){asn:40444, ipnet:x.x.x.x/23, country:US;},DKIM_TRACE(0.00){auth.ccsend.com:+;},DMARC_NA(0.00){xxx.com;},FROM_HAS_DN(0.00){},FROM_NEQ_ENVFROM(0.00){updates@xxx.com;AgHDq7hznTdKKCRh3v5m7dw==_1101138862097_9/wIML7jEeOsRtSuUqRaCQ==@in.constantcontact.com;},GREYLIST(0.00){greylisted;Thu, 27 Dec 2018 12:10:19 GMT;new record;},HAS_REPLYTO(0.00){updates@xxx.com;},LOCAL_FUZZY_DENIED(0.00){11:3361880df3:0.53:txt;},MIME_TRACE(0.00){0:+;1:+;},RCPT_COUNT_ONE(0.00){1;},RCPT_MAILCOW_DOMAIN(0.00){yyy.com;},RCVD_COUNT_TWO(0.00){2;},RCVD_IN_DNSWL_NONE(0.00){x.x.x.x.list.dnswl.org : 127.0.15.0;},RCVD_TLS_LAST(0.00){},REPLYTO_ADDR_EQ_FROM(0.00){},R_DKIM_ALLOW(0.00){auth.ccsend.com:s=1000073432;},R_SPF_ALLOW(0.00){+ip4:x.x.x.x/22;},SUBJECT_ENDS_EXCLAIM(0.00){},TO_DN_NONE(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), len: 30609, time: 892.005ms real, 66.522ms virtual, dns req: 65, digest: <2aeee9dd3ce0aab9db5cab8361c505c3>, rcpts: <shopping@yyy.com>, mime_rcpts: <shopping@yyy.com>, forced: soft reject "Try again later"; score=nan (set by greylist)

[pjv]

I would figure this out on my own and report on how to do it, but I have no idea where to start. I've read through the rspamd documentation multiple times and, to me, it seems like the most comprehensively bad documentation I can remember seeing anywhere; it seems like it is specifically designed to use as many words possible to avoid revealing how to accomplish what you want to accomplish.

So without understanding the components and plumbing of the default greylisting configuration in mailcow, I'm stuck with just following the directions in this issue, but setting greylist to empty in the mailcow UI produced no effect at all on my server.

[andryyy]

We need logs.

There is no setting to disable greylisting in mailcow.

You can always update docs. Vsevolod would love updates for his docs.

If you don’t want to post any information or don’t have time to strip personal data, what can we do?

[pjv]

If you don’t want to post any information or don’t have time to strip personal data, what can we do?

Sorry, I did post an rspamd log 3 days ago (a couple posts up from here) and asked what sections of the 105k configdump that you wanted to see. Are you unable to see that post above?

[pjv]

hello @andryyy - I'm sure you are very busy and i don't want to harass you, but I'm just checking to see if you have seen the post in this issue where I have put the requested rspamd log 4 days ago here: https://github.com/mailcow/mailcow-dockerized/issues/413#issuecomment-450141324

in that post i also mentioned that the requested configdump is 105k and wonder if there are specific sections of that file that i can post for you rather than sticking it all in here (or if i should pastebin the whole thing).

i also followed up on that yesterday with a post that you may not have seen here: https://github.com/mailcow/mailcow-dockerized/issues/413#issuecomment-450568144 where I wondered whether you had seen the earlier post with the log.

I just want to make sure that you are seeing that I did post the rspamd log.

[andryyy]

A single line of logs is not enough. Just send all logs and the config dump to info@servercow.de please.

[andryyy]

Oh, please also send the output of docker-compose exec php-fpm-mailcow curl http://nginx:8081/settings.php

[pjv]

Thanks for all of your efforts to help with this @andryyy. After doing a bit of googling, I found a simple one-line config change in the rspamd FAQ that disables greylisting completely. It worked for me perfectly with mailcow.

just edit data/conf/rspamd/local.d/greylist.conf and add the following line:

enabled = false;

then restart the rspamd container.

done.

[micoraweb]

Is there no way to switch it off simply?! Like why is this so difficult to enable/disable a functionality with some clear instructions and an easy way?

[BrettDean]

Is there no way to switch it off simply?! Like why is this so difficult to enable/disable a functionality with some clear instructions and an easy way?

@micoraweb https://docs.mailcow.email/manual-guides/Rspamd/u_e-rspamd-disable-greylisting/