OpenDNS is rejecting traffic from PBX

I updated my Distro 14 yesterday to all the latest modules and now our OpenDNS (Cisco Umbrella) is rejecting some traffic. Is this legitimate traffic that I should whitelist or do I need to investigate further.

Security Activity
Time Resp. Destination Category Identity

12:45:30 Blocked pool​.​sks-keyservers​.​net Malware, Computer… PBX LDAP (pbxldap…
12:42:33 Blocked pool​.​sks-keyservers​.​net Malware, Computer… PBX LDAP (pbxldap…

Yes those are legitimate servers. They are GPG/PGP public key servers used for opengpg which is used as part of module signing. It seems silly that would be flagged.

1 Like

side note this should NOT affect signature checking as it should failover.

https://git.freepbx.org/projects/FREEPBX/repos/framework/browse/amp_conf/htdocs/admin/libraries/BMO/GPG.class.php?at=refs%2Fheads%2Frelease%2F14.0#45

	// List of well-known keyservers.
	private $keyservers = array(
		"pool.sks-keyservers.net",  // This should almost always work
		"hkp://keyserver.ubuntu.com:80",  // This is in case port 11371 is blocked outbound
		"pgp.mit.edu", // Other random keyservers
		"keyserver.pgp.com",  // Other random keyserver
		"pool.sks-keyservers.net"
	); // Yes. sks is there twice.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.