Re: [AMaViS-user] how does whitelisting work in amavis?
Coert, > For the whitelists? can I use spamassassins config file? > or is it better to do it inside amavisd.conf? Depends on the functionality you need (authorization method) and ease of changing one or the other config file. auth. based on: | amavisd SpamAssassin +- DKIM/DK | YY SPF | -Y Received| -Y sender | YY -- not recommended! Mark - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how does whitelisting work in amavis?
Hello! Thanks for your help! worked perfectly. For the whitelists? can I use spamassassins config file? or is it better to do it inside amavisd.conf? On Wed, 2008-11-19 at 11:50 +0100, achraf tangui wrote: > Hi > > I'll answer the second part of you question, > > >And I want to have notifications sent to my postmaster address for > every > >spam and virus infected mail that is 'caught' > > IMHO, this can be done easily by setting this in you config file: > $spam_admin = '[EMAIL PROTECTED]'; > $virus_admin = '[EMAIL PROTECTED]'; > $banned_admin = '[EMAIL PROTECTED]'; > > you can also have the infected email to be sent to some email address > set this : > ###tel amvis how to quarantine## > $virus_quarantine_method = 'local:'; > $spam_quarantine_method = 'local:'; > $banned_files_quarantine_method = 'local:'; > > ###where### > $virus_quarantine_to ='[EMAIL PROTECTED]'; > $spam_quarantine_to = '[EMAIL PROTECTED]'; > $banned_files_quarantine_to = '[EMAIL PROTECTED]'; > ### > > check this http://www.ijs.si/software/amavisd/amavisd-new-docs.html > for policies, including whitlelisting. > Achraf > > > 2008/11/19 Coert Waagmeester <[EMAIL PROTECTED]> > Hello all, > > I have a successful working install of amavisd-new. > > I do not know Perl at all, although I can more or less > understand how > the config files work. > > I have a setup with postfix and dovecot, where all > authentication > happens from LDAP. > > Is it necessary for me to have amavis connect to the LDAP as > well? > > > I want to be able to somewhere make a list of whitelisted > addresses. > > And I want to have notifications sent to my postmaster address > for every > spam and virus infected mail that is 'caught' > > What would be the best way of doing this? > > Do you want me to send through my amavisd-new config file? > > Kind regards, > Coert > > > > - > This SF.Net email is sponsored by the Moblin Your Move > Developer's challenge > Build the coolest Linux based applications with Moblin SDK & > win great prizes > Grand prize is a trip for two to an Open Source event anywhere > in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how does whitelisting work in amavis?
Coert,
> [...] I have a setup with postfix and dovecot, where all authentication
> happens from LDAP.
>
> Is it necessary for me to have amavis connect to the LDAP as well?
Not necessary, unless you want to use the same LDAP mechanism
for per-recipient settings and white/blacklisting, maybe because
you want your users to be able to directly adjust their settings
in LDAP.
Statical lookups are always available, global or per-recipient.
> I want to be able to somewhere make a list of whitelisted addresses.
If you only need few addresses to be white (or -black) listed
and settings do not change often, the easiest is to use statical
lookups - see @score_sender_maps, @whitelist_sender_maps, and
$per_recip_whitelist_sender_lookup_tables in amavisd.conf-sample.
Note that plain whitelisting is pretty much useless these days,
when almost all sender and author addresses in spam and viruses
are faked. Whitelisting one domain will let through all spam
which happens to use that domain as its sending address.
If you really must use it, just assign few negative score points
though @score_sender_maps, not giving it a full blanco access.
The only useful whitelisting mechanisms nowadays are based
on some form of authentication of the sending host or domain.
On the amavisd side a reliable way to whitelist authors
or their domains based on their DKIM (or DK) signature is
to use @author_to_policy_bank_maps. This allows not only
whitelisting against spam, but also on virus and banned checks,
if you chose so.
For example:
@author_to_policy_bank_maps = (
'uu.se' => 'WHITELIST',
'uni-bremen.de' => 'WHITELIST',
'tugraz.at' => 'WHITELIST',
'tu-graz.ac.at' => 'WHITELIST',
'aitech.ac.jp'=> 'WHITELIST',
'eurescom.eu' => 'WHITELIST',
'.ebay.com' => 'WHITELIST',
'.ebay.co.uk' => 'WHITELIST',
'ebay.at' => 'WHITELIST',
'ebay.ca' => 'WHITELIST',
'ebay.de' => 'WHITELIST',
'ebay.fr' => 'WHITELIST',
'.paypal.com' => 'WHITELIST',
'.paypal.co.uk' => 'WHITELIST',
'./@paypal.com' => 'WHITELIST',
'amazon.com' => 'WHITELIST',
'.cnn.com'=> 'WHITELIST',
'skype.net' => 'WHITELIST',
'welcome.skype.com' => 'WHITELIST',
'cc.yahoo-inc.com/@yahoo-inc.com' => 'WHITELIST',
'cc.yahoo-inc.com'=> 'WHITELIST',
'.linkedin.com' => 'MILD_WHITELIST',
'google.com' => 'MILD_WHITELIST',
'googlemail.com' => 'MILD_WHITELIST',
'./@googlegroups.com' => 'MILD_WHITELIST',
'./@yahoogroups.com' => 'MILD_WHITELIST',
'./@yahoogroups.co.uk'=> 'MILD_WHITELIST',
'./@yahoogroupes.fr' => 'MILD_WHITELIST',
'yousendit.com' => 'MILD_WHITELIST',
'meetup.com' => 'MILD_WHITELIST',
'[EMAIL PROTECTED]' => 'MILD_WHITELIST',
});
$policy_bank{'MILD_WHITELIST'} = {
score_sender_maps => [ { '.' => [-1.8] } ],
};
$policy_bank{'WHITELIST'} = {
bypass_spam_checks_maps => [1],
spam_lovers_maps => [1],
};
Alternatively, SpamAssassin offers a couple of useful
whitelisting mechanisms, based on DKIM, DK, SPF, or based on
a domain in Received header field. Some examples (local.cf):
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dkim [EMAIL PROTECTED]paypal.com
whitelist_from_spf [EMAIL PROTECTED]
whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com
whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com
whitelist_from_rcvd [EMAIL PROTECTED] elsevier.com
whitelist_from_rcvd [EMAIL PROTECTED] bund.de
There is also a 'whitelist_auth' setting, which covers
both DKIM/DK and SPF under one word (with a little less
flexibility). See: man Mail::SpamAssassin::Conf
> And I want to have notifications sent to my postmaster address for every
> spam and virus infected mail that is 'caught'
$virus_admin = "[EMAIL PROTECTED]";
or perhaps more useful (just to see new virus types):
$newvirus_admin = "[EMAIL PROTECTED]";
For spam setting a global $spam_admin is pretty much useless,
as you'd be getting practically all mail. More useful is to set
$spam_admin from a policy banks triggered by mail from local
users, so you'd be notified of a spam originating from your site:
$inet_socket_port = [10024,10026];
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { # mail originating from our users
originating => 1,
virus_admin_maps => ["[EMAIL PROTECTED]"],
spam_admin_maps => ["[EMAIL PROTECTED]"],
};
Mark
---
[AMaViS-user] how does whitelisting work in amavis?
Hello all, I have a successful working install of amavisd-new. I do not know Perl at all, although I can more or less understand how the config files work. I have a setup with postfix and dovecot, where all authentication happens from LDAP. Is it necessary for me to have amavis connect to the LDAP as well? I want to be able to somewhere make a list of whitelisted addresses. And I want to have notifications sent to my postmaster address for every spam and virus infected mail that is 'caught' What would be the best way of doing this? Do you want me to send through my amavisd-new config file? Kind regards, Coert - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
