DNSBL Whitelist not working?
-
Best I can figure, Gmail has suddenly started using 1e100.net to connect (imap.google.com). Multiple lists in pfBlocker block this network. The result is that I cannot send mail. I've tried whitelisting that network in DNSBL whitelist, to no effect. I've also whitelisted it in Snort. And I added a firewall rule to pass that "LAN net" to an alias that specifies 1e100.net. Nonetheless, outbound Gmail is being blocked. Had to shut down pfBlocker just to keep working. What am I doing wrong?
-
More info: if I attempt to whitelist the alert in pfBlockerNG_devel, I'm asked to select the whitelist, but the only choice given is to create a new one, and that fails with "Cannot create new IP Whitelist! Invalid data!" This is pfBlockerNG_devel 3.2.0_5 running on pfSense 23.01 release.
-
Fixed the problem by creating a floating rule that allows outbound connections to 142.250.0.0/15, which is the block of IP addresses used by 1e100.net, the umbrella network for Google's servers. What appears to have happened is that Google changed the DNS entries in the Denver area to route traffic over their network. Several common pfBlockerNG blocklists contain 1e100.net, which I'm sure has plenty of servers that host malware. Although I allow the outbound connection, the inbound WAN rules are still in place, which should block the garbage. Fingers crossed. Thanks very much to the illustrious BBcan177 for his Saturday night patience and assistance!
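A way to check a pass rule like the one in the post above against what was actually being blocked, as an added example that is not part of the original thread. The alert lines are constructed and use a simplified made-up format (not pfBlockerNG's own log layout); the function names are hypothetical.

```python
import ipaddress

# Pass rule from the post above.
PASS_NET = ipaddress.ip_network("142.250.0.0/15")

# Constructed sample of blocked outbound destinations: timestamp,dst_ip,feed.
# Made-up format and made-up addresses for illustration only.
SAMPLE_ALERTS = """\
2023-03-04T19:02:11,142.250.72.109,feed_a
2023-03-04T19:02:15,142.251.33.108,feed_a
2023-03-04T19:03:40,142.250.72.109,feed_b
2023-03-04T19:05:02,172.217.11.229,feed_b
"""

def parse_destinations(text):
    """Return the sorted, de-duplicated IPv4 destinations in the alert text."""
    dests = set()
    for line in text.splitlines():
        fields = line.strip().split(",")
        if len(fields) != 3:
            continue  # skip blank or malformed lines
        try:
            dests.add(ipaddress.IPv4Address(fields[1]))
        except ValueError:
            continue  # not an IPv4 address
    return sorted(dests)

def split_by_rule(dests, net):
    """Split destinations into those the pass rule covers and those it misses."""
    covered = [ip for ip in dests if ip in net]
    missed = [ip for ip in dests if ip not in net]
    return covered, missed

def tightest_cover(ips):
    """Smallest single CIDR that contains every address in ips (None if empty)."""
    if not ips:
        return None
    net = ipaddress.ip_network(str(ips[0]))  # start at a /32 host network
    while net.prefixlen > 0 and not all(ip in net for ip in ips):
        net = net.supernet()  # widen by one bit until everything fits
    return net

if __name__ == "__main__":
    covered, missed = split_by_rule(parse_destinations(SAMPLE_ALERTS), PASS_NET)
    print("rule size:", PASS_NET.num_addresses, "addresses")
    print("covered:", [str(ip) for ip in covered])
    print("still blocked:", [str(ip) for ip in missed])
    print("tightest single CIDR for covered set:", tightest_cover(covered))
```

Any address reported as still blocked needs its own decision, and a tightest cover narrower than the rule means the pass range can be reduced.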