2
API management of the IP Blacklist
Question asked by Ben Conner - 6/22/2019 at 12:40 PM
Answered
Hi,

I'm trying to develop automated in-house tools to manage the IP blacklist on the current version.  I'm able to authenticate but am not sure how to get, much less create/replace/update/delete entries in the IP blacklist.  The docs indicate this area is deprecated, or rather 'Legacy'.  
What I've tried is a POST to /api/v1/svcServerAdmin/GetBlacklistEntries".  I get back a 200 response but I see nothing in the response file itself.  ?

Is this area still functional in the current version?

Thanks!

--Ben

8 Replies

Reply to Thread
0
Sébastien Riccio Replied
Marked As Answer
Legacy API uses soap and is based on urls like : https://mailserver.domain.com//Services/svcServerAdmin.asmx 

/api/v1/* are for the new REST/json api.

Can't talk for ST folks, but for new developments using the rest API is probably the suggested way to go as they probably won't maintain/fix/update legacy API...

However from what I can understand and while sniffing the IP blacklist api calls in SmarterMail UI blacklisst are set using a whole bunch of api calls and that could be done in one call with the legacy API:

to add an ip in the blacklist
/api/v1/settings/sysadmin/ip-access
/api/v1/settings/sysadmin/ip-access/false
/api/v1/settings/sysadmin/temp-ip-blocks
/api/v1/settings/sysadmin/smtp-block-rules

to remove an ip from the blacklist
/api/v1/settings/sysadmin/ip-access-delete
/api/v1/settings/sysadmin/ip-access/false
/api/v1/settings/sysadmin/temp-ip-blocks
/api/v1/settings/sysadmin/smtp-block-rules

I can't find much explanation in the REST API doc how to properly add a blacklisted IP...

Sébastien Riccio System & Network Admin https://swisscenter.com
0
Ben Conner Replied
Thanks Sébastien.  Hopefully someone from ST will be able to fill in the details.  How did you find this stuff out?

--Ben
0
Sébastien Riccio Replied
Hello Ben,

By reverse engineering the API calls that are made from SmarterMail web interface.
The new rest API is based on what ST uses for their webmail/admin web GUI.

So just log in as admin on webinterface and go add/remove an IP blacklist while using chrome's developper console (f12) or personnally i use Fiddler to log traffic between the browser and the servers.

Cheers

Sébastien Riccio System & Network Admin https://swisscenter.com
0
Sébastien Riccio Replied
Oh, if you use fiddler with https, you need to allow fiddler certificate so it can be a man in the middle and localy decrypt https traffic between your browser and the server.
https://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/DecryptHTTPS 


Sébastien Riccio System & Network Admin https://swisscenter.com
0
Ben Conner Replied
Oh!  That's clever. Hadn't realized the UI is just a front end to the REST platform.  Thanks!

--Ben
0
Ben Conner Replied
Hi,

I am now able to authenticate and send requests to a test copy of SM I set up.  I'm using Fiddler (cool program!) to capture the header and body info of a test blacklist addition.  When I add it via the program interface though I get a 400 Bad request from a straight copy/paste.

The one I tried was
POST to /api/v1/settings/sysadmin/ip-access
body:
{"serviceList":[0],"dataType":1,"address":"5.5.5.5","description":"testme"}

That was what Fiddler had captured when I did it manually (I did delete it after the capture).  Is there anything obvious I'm missing?  Should I run this by SM tech support at this point?

Thanks!

--Ben
0
Jade D Replied
Are you trying to manage IDS blocked IP's or adding IP's to the blocklist via api command?
Jade https://absolutehosting.co.za
0
Tony Scholz Replied
Employee Post
Hello, 

The API call you have there should be working. Please make sure that you are validating to the server as a system administrator for that call. 

POST: http:// + $APIHost + /api/v1/settings/sysadmin/ip-access

{"serviceList":[0,1,2,7],"dataType":1,"address":"123.123.123.123","description":"IP_DESCRIPTION"}

Service List meanings
0=SMTP
1=IMAP
2=POP
7=XMPP

Thank you
Tony Scholz System/Network Administrator SmarterTools Inc. www.smartertools.com

Reply to Thread