Re: [AMaViS-user] how does whitelisting work in amavis?
Coert, > For the whitelists? can I use spamassassins config file? > or is it better to do it inside amavisd.conf? Depends on the functionality you need (authorization method) and ease of changing one or the other config file. auth. based on: | amavisd SpamAssassin +- DKIM/DK | YY SPF | -Y Received| -Y sender | YY -- not recommended! Mark - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how does whitelisting work in amavis?
Hello! Thanks for your help! worked perfectly. For the whitelists? can I use spamassassins config file? or is it better to do it inside amavisd.conf? On Wed, 2008-11-19 at 11:50 +0100, achraf tangui wrote: > Hi > > I'll answer the second part of you question, > > >And I want to have notifications sent to my postmaster address for > every > >spam and virus infected mail that is 'caught' > > IMHO, this can be done easily by setting this in you config file: > $spam_admin = '[EMAIL PROTECTED]'; > $virus_admin = '[EMAIL PROTECTED]'; > $banned_admin = '[EMAIL PROTECTED]'; > > you can also have the infected email to be sent to some email address > set this : > ###tel amvis how to quarantine## > $virus_quarantine_method = 'local:'; > $spam_quarantine_method = 'local:'; > $banned_files_quarantine_method = 'local:'; > > ###where### > $virus_quarantine_to ='[EMAIL PROTECTED]'; > $spam_quarantine_to = '[EMAIL PROTECTED]'; > $banned_files_quarantine_to = '[EMAIL PROTECTED]'; > ### > > check this http://www.ijs.si/software/amavisd/amavisd-new-docs.html > for policies, including whitlelisting. > Achraf > > > 2008/11/19 Coert Waagmeester <[EMAIL PROTECTED]> > Hello all, > > I have a successful working install of amavisd-new. > > I do not know Perl at all, although I can more or less > understand how > the config files work. > > I have a setup with postfix and dovecot, where all > authentication > happens from LDAP. > > Is it necessary for me to have amavis connect to the LDAP as > well? > > > I want to be able to somewhere make a list of whitelisted > addresses. > > And I want to have notifications sent to my postmaster address > for every > spam and virus infected mail that is 'caught' > > What would be the best way of doing this? > > Do you want me to send through my amavisd-new config file? > > Kind regards, > Coert > > > > - > This SF.Net email is sponsored by the Moblin Your Move > Developer's challenge > Build the coolest Linux based applications with Moblin SDK & > win great prizes > Grand prize is a trip for two to an Open Source event anywhere > in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how does whitelisting work in amavis?
Coert, > [...] I have a setup with postfix and dovecot, where all authentication > happens from LDAP. > > Is it necessary for me to have amavis connect to the LDAP as well? Not necessary, unless you want to use the same LDAP mechanism for per-recipient settings and white/blacklisting, maybe because you want your users to be able to directly adjust their settings in LDAP. Statical lookups are always available, global or per-recipient. > I want to be able to somewhere make a list of whitelisted addresses. If you only need few addresses to be white (or -black) listed and settings do not change often, the easiest is to use statical lookups - see @score_sender_maps, @whitelist_sender_maps, and $per_recip_whitelist_sender_lookup_tables in amavisd.conf-sample. Note that plain whitelisting is pretty much useless these days, when almost all sender and author addresses in spam and viruses are faked. Whitelisting one domain will let through all spam which happens to use that domain as its sending address. If you really must use it, just assign few negative score points though @score_sender_maps, not giving it a full blanco access. The only useful whitelisting mechanisms nowadays are based on some form of authentication of the sending host or domain. On the amavisd side a reliable way to whitelist authors or their domains based on their DKIM (or DK) signature is to use @author_to_policy_bank_maps. This allows not only whitelisting against spam, but also on virus and banned checks, if you chose so. For example: @author_to_policy_bank_maps = ( 'uu.se' => 'WHITELIST', 'uni-bremen.de' => 'WHITELIST', 'tugraz.at' => 'WHITELIST', 'tu-graz.ac.at' => 'WHITELIST', 'aitech.ac.jp'=> 'WHITELIST', 'eurescom.eu' => 'WHITELIST', '.ebay.com' => 'WHITELIST', '.ebay.co.uk' => 'WHITELIST', 'ebay.at' => 'WHITELIST', 'ebay.ca' => 'WHITELIST', 'ebay.de' => 'WHITELIST', 'ebay.fr' => 'WHITELIST', '.paypal.com' => 'WHITELIST', '.paypal.co.uk' => 'WHITELIST', './@paypal.com' => 'WHITELIST', 'amazon.com' => 'WHITELIST', '.cnn.com'=> 'WHITELIST', 'skype.net' => 'WHITELIST', 'welcome.skype.com' => 'WHITELIST', 'cc.yahoo-inc.com/@yahoo-inc.com' => 'WHITELIST', 'cc.yahoo-inc.com'=> 'WHITELIST', '.linkedin.com' => 'MILD_WHITELIST', 'google.com' => 'MILD_WHITELIST', 'googlemail.com' => 'MILD_WHITELIST', './@googlegroups.com' => 'MILD_WHITELIST', './@yahoogroups.com' => 'MILD_WHITELIST', './@yahoogroups.co.uk'=> 'MILD_WHITELIST', './@yahoogroupes.fr' => 'MILD_WHITELIST', 'yousendit.com' => 'MILD_WHITELIST', 'meetup.com' => 'MILD_WHITELIST', '[EMAIL PROTECTED]' => 'MILD_WHITELIST', }); $policy_bank{'MILD_WHITELIST'} = { score_sender_maps => [ { '.' => [-1.8] } ], }; $policy_bank{'WHITELIST'} = { bypass_spam_checks_maps => [1], spam_lovers_maps => [1], }; Alternatively, SpamAssassin offers a couple of useful whitelisting mechanisms, based on DKIM, DK, SPF, or based on a domain in Received header field. Some examples (local.cf): whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED] whitelist_from_dkim [EMAIL PROTECTED]paypal.com whitelist_from_spf [EMAIL PROTECTED] whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com whitelist_from_rcvd [EMAIL PROTECTED] elsevier.com whitelist_from_rcvd [EMAIL PROTECTED] bund.de There is also a 'whitelist_auth' setting, which covers both DKIM/DK and SPF under one word (with a little less flexibility). See: man Mail::SpamAssassin::Conf > And I want to have notifications sent to my postmaster address for every > spam and virus infected mail that is 'caught' $virus_admin = "[EMAIL PROTECTED]"; or perhaps more useful (just to see new virus types): $newvirus_admin = "[EMAIL PROTECTED]"; For spam setting a global $spam_admin is pretty much useless, as you'd be getting practically all mail. More useful is to set $spam_admin from a policy banks triggered by mail from local users, so you'd be notified of a spam originating from your site: $inet_socket_port = [10024,10026]; $interface_policy{'10026'} = 'ORIGINATING'; $policy_bank{'ORIGINATING'} = { # mail originating from our users originating => 1, virus_admin_maps => ["[EMAIL PROTECTED]"], spam_admin_maps => ["[EMAIL PROTECTED]"], }; Mark ---
[AMaViS-user] how does whitelisting work in amavis?
Hello all, I have a successful working install of amavisd-new. I do not know Perl at all, although I can more or less understand how the config files work. I have a setup with postfix and dovecot, where all authentication happens from LDAP. Is it necessary for me to have amavis connect to the LDAP as well? I want to be able to somewhere make a list of whitelisted addresses. And I want to have notifications sent to my postmaster address for every spam and virus infected mail that is 'caught' What would be the best way of doing this? Do you want me to send through my amavisd-new config file? Kind regards, Coert - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/