<div dir="ltr"><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_extra"><br><div class="gmail_quote">On 21 March 2018 at 16:44, Martin Johannes Dauser <span dir="ltr"><<a href="mailto:mdauser@cs.sbg.ac.at" target="_blank">mdauser@cs.sbg.ac.at</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div>Regarding that whitelist_sender_maps would work on 'From:' header, not the envelope sender, I can not comply!</div><div><br></div><div>I set <a href="http://buxdehu.de" target="_blank">buxdehu.de</a> in whitelist </div><div><br></div><div>Then I telnet to my mailserver </div><div><br></div><div style="margin-left:3ch"><div>$ <i><b>telnet localhost 25</b></i></div><div>Trying 127.0.0.1...</div><div>Connected to localhost.</div><div>Escape character is '^]'.</div><div>220 <a href="http://mail.cs.sbg.ac.at" target="_blank">mail.cs.sbg.ac.at</a> ESMTP Postfix (RHEL/GNU)</div><div><i><b>EHLO <a href="http://mail.cs.sbg.ac.at" target="_blank">mail.cs.sbg.ac.at</a></b></i></div><div><a href="http://250-mail.cs.sbg.ac.at" target="_blank">250-mail.cs.sbg.ac.at</a></div><div>250-PIPELINING</div><div>250-SIZE 52428800</div><div>250-VRFY</div><div>250-ETRN</div><div>250-STARTTLS</div><div>250-XFORWARD NAME ADDR PROTO HELO SOURCE PORT IDENT</div><div>250-ENHANCEDSTATUSCODES</div><div>250-8BITMIME</div><div>250 DSN</div><div><i><b>MAIL FROM:<<a>lala@buxdehu.de></a></b></i></div><div>250 2.1.0 Ok</div><div><i><b>RCPT TO:<<a>mdauser@cs.sbg.ac.at></a></b></i></div><div>250 2.1.5 Ok</div><div><i><b>DATA</b></i></div><div>354 End data with <CR><LF>.<CR><LF></div><div><b><i>FROM: <a href="mailto:lumlum@la.la" target="_blank">lumlum@la.la</a></i></b></div><div><b><i>SUBJECT: testmail</i></b></div><div><b><i><br></i></b></div><div><b><i>test</i></b></div><div><b><i>.</i></b></div><div>250 2.0.0 Ok: queued as 31F66200A4D2</div><div><b><i>QUIT</i></b></div></div><div></div><div><br></div><div>And I get </div><div style="margin-left:3ch"><div>X-spam-status: No, score=x required=6 WHITELISTED tests=[]</div></div><div><br></div><div>So at least in my setup it's the envelope sender which is observed.</div><div><br></div><div>A failure of mine in the previous posts was, that I used quotes within the files for whitelisting.</div><div>Thats's a baaad idea.</div><div><br></div><div>Best regards</div><div>Martin Johannes Dauser</div><div><br></div><div>On Wed, 2018-03-21 at 14:35 +0000, Dominic Raferd wrote:</div><blockquote type="cite"><div dir="ltr"><div style="font-size:small"><br></div><div class="gmail_extra"><br><div class="gmail_quote">On 26 February 2018 at 16:34, Dominic Raferd <span dir="ltr"><<a href="mailto:dominic@timedicer.co.uk" target="_blank">dominic@timedicer.co.uk</a>></span> wrote:<br><blockquote type="cite">I have now updated my 50-user.conf to this:<br>
$interface_policy{'10024'} = 'INCOMING';<br>
$policy_bank{'INCOMING'} = {<br>
<span> whitelist_sender_maps => [ read_hash('/etc/amavis/whiteli<wbr>st') ],<br>
</span>};<br></blockquote><div> </div></div></div><div class="gmail_extra"><div style="font-size:small">Note that this whitelisting technique works on the address given in the 'From:' header, not the envelope sender (aka Return-Path).</div><div style="font-size:small"><br></div><div style="font-size:small">Each address in /etc/amavis/whitelist (one per line, comments and blank lines are ignored) can be whole email address, domain only, or domain preceded by dot in which case it matches emails from domain *and* any subdomains:</div><div style="font-size:small"><br></div><div style="font-size:small"># example amavis whitelist file</div><div style="font-size:small"><br></div><div style="font-size:small"><a href="mailto:amavis-users@amavis.org" target="_blank">amavis-users@amavis.org</a></div><div style="font-size:small">.<a href="http://currys.co.uk" target="_blank">currys.co.uk</a></div><div style="font-size:small"><a href="http://zpg.co.uk" target="_blank">zpg.co.uk</a></div><br></div><div class="gmail_extra"><div style="font-size:small">After updating the file you (probably - untested) have to reload amavis for it to take account of the changes. If you have systemd:</div><div style="font-size:small">systemctl reload-or-restart amavis</div><br></div></div></blockquote></div></blockquote><div><br></div><div class="gmail_default" style="font-size:small">Interesting but in my setup it is definitely the From: header that is compared, I have numerous examples, and I cannot find a single counter-example (where an email is whitelisted and the whitelist can only be because of the envelope sender). I guess there must be some subtle difference in our setup?</div></div><br></div></div>