whitelisting google appointments

[Mark Martinec]

Marko writes:

>  Hi there Maurizio,
>  i think you can do this:
> 
>  @author_to_policy_bank_maps = ( {
>       'google.com'  => 'WHITELIST,NOBANNEDCHECK',
>       'googlemail.com' => 'WHITELIST,NOBANNEDCHECK',
>  } );

Yes, that is probably a good approach for domains signing with DKIM
for which banned checks should not apply.

For completeness, here are example of the two mentioned policy banks:

$policy_bank{'WHITELIST'} = {
  bypass_spam_checks_maps => [1],
  spam_lovers_maps => [1],
};

$policy_bank{'NOBANNEDCHECK'} = {
  bypass_banned_checks_maps => [1],
  banned_files_lovers_maps  => [1],
};


A more selective approach is possible through %banned_rules, e.g.:

%banned_rules = (
  'NO-MS-EXEC'=> new_RE( qr'^\.(exe-ms)$' ),
  'PASSALL'   => new_RE( [qr'^' => 0] ),
  'ALLOW_EXE' =>  # pass executables except if name ends in .vbs .pif .scr .bat
    new_RE( qr'.\.(vbs|pif|scr|bat)$'i, [qr'^\.exe$' => 0] ),
  'ALLOW_VBS' =>  # allow names ending in .vbs
    new_RE( [qr'.\.vbs$' => 0] ),
  'ALLOW_COM' =>  # allow names ending in .vbs
    new_RE( [qr'.\.com$' => 0] ),
  'NO-VIDEO' => new_RE( qr'^\.movie$',
    qr'.\.(asf|asx|mpg|mpe|mpeg|avi|mp3|wav|wma|wmf|wmv|mov|vob)$'i, ),
  'NO-MOVIES' => new_RE( qr'^\.movie$', qr'.\.(mpg|avi|mov)$'i, ),

  'MYNETS-DEFAULT' => new_RE(
    [ qr'^\.(rpm|cpio|tar)$' => 0 ],  # allow any in Unix-type archives
    qr'.\.(vbs|pif|scr)$'i,           # banned extension - rudimentary
    qr'^\.(exe-ms)$',                 # banned file(1) types
  ),
  'DEFAULT' => $banned_filename_re,
);

@banned_filename_maps = ( { '.' => 'DEFAULT' } );


Then you can choose from the available %banned_rules through
a policy bank, e.g.:

@author_to_policy_bank_maps = ( {
  'google.com'  => 'GOOGLE',
  'googlemail.com' => 'GOOGLE',
} );

$policy_bank{'GOOGLE'} = {
  banned_filename_maps => ['ALLOW_COM,DEFAULT'],
};


  Mark