Matt wrote:
> Hello All.
> I need to be able to whitelist entire domains. Where is the best place
> to do this? In amavisd.conf with:
> read_hash(\%whitelist_sender, '/etc/amavis/whitelist_domains');
> $cat /etc/amavis/whitelist_domains
> @goodcompany.com
> @gnu.org
> @freebsd.org
format for this hash is:
goodcompany.com
gnu.org
freebsd.org
or to include subdomains:
.goodcompany.com
.gnu.org
.freebsd.org
This will pass spam regardless of score (and is based on envelope
sender). Whitelists only affect spam.
> Or in spamassassin's local.cf ?
If you use something like this in local.cf:
whitelist_from [EMAIL PROTECTED]
if will deduct 100 points from the score and is based on
information provided in headers:
Envelope-Sender
Resent-Sender
X-Envelope-From
From
whitelist_from_rcvd is preferred over whitelist_from because it offers some
protection from spoofing:
http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options
but it requires the trust path is functioning correctly.
http://wiki.apache.org/spamassassin/TrustPath
http://marc.theaimsgroup.com/?l=amavis-user&m=116524607123587
http://marc.theaimsgroup.com/?l=amavis-user&m=116507356620556
Alternately you can add the domains to @score_sender_maps to
lower the score (amavisd-new 2.0 or newer):
@score_sender_maps = ({ # a by-recipient hash lookup table
<...>
# site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
<...>
{ # a hash-type lookup table (associative array)
'.goodcompany.com' => -20,
'[EMAIL PROTECTED]' => -3.0,
'[EMAIL PROTECTED]' => -3.0,
<...>
},
], # end of site-wide tables
});
You can choose your poison. I use all of these at times (depending on how
likely I believe it could be for a sender be spoofed).
There are other ways to do it:
http://www200.pair.com/mecham/spam/bypassing.html#7
This example also bypasses banned files checks but you would not
necessarily need to do so.
Gary V
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
