Re: [AMaViS-user] whitelist_sender format

Gary V Fri, 29 Dec 2006 13:37:37 -0800

Matt wrote:

> Hello All.


> I need to be able to whitelist entire domains. Where is the best place
> to do this? In amavisd.conf with:

> read_hash(\%whitelist_sender, '/etc/amavis/whitelist_domains');

> $cat /etc/amavis/whitelist_domains

> @goodcompany.com
> @gnu.org
> @freebsd.org

format for this hash is:
goodcompany.com
gnu.org
freebsd.org

or to include subdomains:
.goodcompany.com
.gnu.org
.freebsd.org

This will pass spam regardless of score (and is based on envelope
sender). Whitelists only affect spam.

> Or in spamassassin's local.cf ?

If you use something like this in local.cf:
whitelist_from [EMAIL PROTECTED]
if will deduct 100 points from the score and is based on
information provided in headers:
        Envelope-Sender
        Resent-Sender
        X-Envelope-From
        From
        
whitelist_from_rcvd is preferred over whitelist_from because it offers some
protection from spoofing:
http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options
but it requires the trust path is functioning correctly.
http://wiki.apache.org/spamassassin/TrustPath
http://marc.theaimsgroup.com/?l=amavis-user&m=116524607123587
http://marc.theaimsgroup.com/?l=amavis-user&m=116507356620556

Alternately you can add the domains to @score_sender_maps to
lower the score (amavisd-new 2.0 or newer):

@score_sender_maps = ({  # a by-recipient hash lookup table
<...>
  # site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost
<...>
   { # a hash-type lookup table (associative array)
   '.goodcompany.com' => -20,
     '[EMAIL PROTECTED]'                        => -3.0,
     '[EMAIL PROTECTED]'              => -3.0,
<...>
   },
  ],  # end of site-wide tables
});

You can choose your poison. I use all of these at times (depending on how
likely I believe it could be for a sender be spoofed).

There are other ways to do it:
http://www200.pair.com/mecham/spam/bypassing.html#7
This example also bypasses banned files checks but you would not
necessarily need to do so.

Gary V


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Re: [AMaViS-user] whitelist_sender format

Reply via email to