Whitelist for localhost

Mark Martinec Mark.Martinec+amavis at ijs.si
Tue Dec 20 20:21:57 CET 2011


> > Whitelisting only affects spam checks. You message was blocked
> > by a virus scanner. There is no direct equivalent to whitelisting
> > for virus and banned scans. The only way is to use a policy bank,
> > or configure MTA to bypass amavis altogether for message that
> > need such treatment.
> Your examples worked very well. I've tested both methods, and it was
> much easier than I thought. Thanks so much. Where is this best
> documented, so I may review more thoroughly?
> Yes, I'm using postfix with clamav via amavisd. How do I properly
> whitelist senders for virus scanning? Perhaps a all_virus_to of sorts?

Like I said, the only way to skip virus scanning is through loading
a policy bank. A policy bank can be chosen based on a TCP port number
on which amavisd receives a connection ( %interface_policy ), or
based on SMTP client's IP address (like in an example on my previous
posting - @client_ipaddr_policy ), or based on a valid DKIM signature
of listed sending domains ( @author_to_policy_bank_maps ).

Trusting the self-proclaimed From address or a sender envelope
address from an untrusted source would be too risky for the purpose
of disabling a virus or banning check. This is why the simple
'whitelisting' only applies to spam checks.

> This case was via localhost, but does the whitelist_from_rcvd work to
> whitelist users from clamav scanning when not via localhost? I could
> swear that has been effective for me in the past.

The whitelist_from_rcvd is a SpamAssassin feature. As such it only
applies to spam checking by SpamAssassin. It has no effect on
virus scans as invoked directly by amavisd, which is how a spamd
is usually called. Perhaps you were using a virus scanner through
some SpamAssassin's plugin interface.


More information about the amavis-users mailing list