On Tue, 2 Feb 2010, Adam Pribyl wrote: > I've done an upgrade of mailserver from debian etch (amavisd-new > 2.4.2-6.1) to lenny (2.6.1.dfsg-1). > > In amavis I use hard whitelisting of a domains (mydomain.cz) and emails. > In lenny it seems amavis changed its behaviour (?) and is whitelisting on > both MAIL FROM (i.e. Retrun-Path) and From: from mail body. In > documentation I found it should only use MAIL FROM: >
With my collegue, we studied the 2.4 and 2.6 behaviour and it is obvious this is really an undocumented change in amavis behaviour. We identified the code that causes this - it is in "sub white_black_list($$$$$)" right at the beginning, and there is no option to switch it off. This may invalidate hard whitelisting of your own domain as "From:" address is not checked by postfix to reject unauthorized senders. There are only two ways around - patch amavis or disable whitelist for your domain. This of course means all your internal mails will be passing thru SA... Adam Pribyl ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/