Back to Community Threads
2
API management of the IP Blacklist
Question asked by Ben Conner - 6/22/2019 at 12:40 PM
Answered
Hi,

I'm trying to develop automated in-house tools to manage the IP blacklist on the current version.  I'm able to authenticate but am not sure how to get, much less create/replace/update/delete entries in the IP blacklist.  The docs indicate this area is deprecated, or rather 'Legacy'.  
What I've tried is a POST to /api/v1/svcServerAdmin/GetBlacklistEntries".  I get back a 200 response but I see nothing in the response file itself.  ?

Is this area still functional in the current version?

Thanks!

--Ben

8 Replies

Reply to Thread
0
Sébastien Riccio Replied
6/22/2019 at 2:26 PM
Marked As Answer
Legacy API uses soap and is based on urls like : https://mailserver.domain.com//Services/svcServerAdmin.asmx 

/api/v1/* are for the new REST/json api.

Can't talk for ST folks, but for new developments using the rest API is probably the suggested way to go as they probably won't maintain/fix/update legacy API...

However from what I can understand and while sniffing the IP blacklist api calls in SmarterMail UI blacklisst are set using a whole bunch of api calls and that could be done in one call with the legacy API:

to add an ip in the blacklist
/api/v1/settings/sysadmin/ip-access
/api/v1/settings/sysadmin/ip-access/false
/api/v1/settings/sysadmin/temp-ip-blocks
/api/v1/settings/sysadmin/smtp-block-rules

to remove an ip from the blacklist
/api/v1/settings/sysadmin/ip-access-delete
/api/v1/settings/sysadmin/ip-access/false
/api/v1/settings/sysadmin/temp-ip-blocks
/api/v1/settings/sysadmin/smtp-block-rules

I can't find much explanation in the REST API doc how to properly add a blacklisted IP...
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Ben Conner Replied
6/22/2019 at 9:29 PM
Thanks Sébastien.  Hopefully someone from ST will be able to fill in the details.  How did you find this stuff out?

--Ben
0
Sébastien Riccio Replied
6/22/2019 at 9:36 PM
Hello Ben,

By reverse engineering the API calls that are made from SmarterMail web interface.
The new rest API is based on what ST uses for their webmail/admin web GUI.

So just log in as admin on webinterface and go add/remove an IP blacklist while using chrome's developper console (f12) or personnally i use Fiddler to log traffic between the browser and the servers.

Cheers
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Sébastien Riccio Replied
6/22/2019 at 9:39 PM
Oh, if you use fiddler with https, you need to allow fiddler certificate so it can be a man in the middle and localy decrypt https traffic between your browser and the server.
https://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/DecryptHTTPS 
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Ben Conner Replied
6/23/2019 at 5:42 AM
Oh!  That's clever. Hadn't realized the UI is just a front end to the REST platform.  Thanks!

--Ben
0
Ben Conner Replied
6/29/2019 at 11:46 AM
Hi,

I am now able to authenticate and send requests to a test copy of SM I set up.  I'm using Fiddler (cool program!) to capture the header and body info of a test blacklist addition.  When I add it via the program interface though I get a 400 Bad request from a straight copy/paste.

The one I tried was
POST to /api/v1/settings/sysadmin/ip-access
body:
{"serviceList":[0],"dataType":1,"address":"5.5.5.5","description":"testme"}

That was what Fiddler had captured when I did it manually (I did delete it after the capture).  Is there anything obvious I'm missing?  Should I run this by SM tech support at this point?

Thanks!

--Ben
0
Jade D Replied
7/1/2019 at 3:18 PM
Are you trying to manage IDS blocked IP's or adding IP's to the blocklist via api command?
Jade https://absolutehosting.co.za
0
Tony Scholz Replied
7/1/2019 at 4:01 PM
Employee Post
Hello, 

The API call you have there should be working. Please make sure that you are validating to the server as a system administrator for that call. 

POST: http:// + $APIHost + /api/v1/settings/sysadmin/ip-access

{"serviceList":[0,1,2,7],"dataType":1,"address":"123.123.123.123","description":"IP_DESCRIPTION"}

Service List meanings
0=SMTP
1=IMAP
2=POP
7=XMPP

Thank you
Tony Scholz System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

554 Error - MTA Poor Reputation FixesSmarterMail > Troubleshooting
Find a Compromised AccountSmarterMail > Troubleshooting
Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
SmarterMail Server Performance TuningSmarterMail > Server Configuration and Management
Configure a Smarthost Gateway in SmarterMailSmarterMail > Server Configuration and Management