Whitelist sender header "from" field

Nick I via amavis-users amavis-users at amavis.org
Wed Jan 22 13:45:37 CET 2014


I found that whole domain
amazonses.com<00000143a938e8c1-a7816299-e8ee-4a53-be72-1b13349262f1-000000 at amazonses.com>was
at blacklist on sender_score_map on one of the included file (
So amavis make check for both envelope sender and From header field.
wbl soft-blacklist executed before, score got 100 points and is rejected
(in my case).

Is it posssible to make whitelist check before blacklist ?



2014/1/21 Nick I <nickyidx at gmail.com>

> Here is what i found.
> i set log_level = 5 and send test with spoofed from address:
>
> # telnet localhost 25
> Trying
> 127.0.0.1...
>
> Connected to
> localhost.
>
> Escape character is '^]'.
> 220 *****.com ESMTP Postfix
> helo localhost
> 250 *****.com
> MAIL FROM:<
> 00000143a938e8c1-a7816299-e8ee-4a53-be72-1b13349262f1-000000 at amazonses.com
> >
> 250 2.1.0
> Ok
>
> RCPT TO:<recipient at example.com>
>
> 250 2.1.5 Ok
> Data
> 354 End data with <CR><LF>.<CR><LF>
> From: <DoNotReply at ConnectedCommunity.org>
> Subject: TEST telnet
> sdfsdf
> .
> 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
> D169A26CE6
> quit
> 221 2.0.0 Bye
>
>
> Amavis log:
> wbl: checking sender <
> 00000143a938e8c1-a7816299-e8ee-4a53-be72-1b13349262f1-000000 at amazonses.com>,
> <DoNotReply at ConnectedCommunity.org>
> wbl: soft-whitelisted (-100) sender <DoNotReply at ConnectedCommunity.org>
> => <recipient at example.com>, recip_key="example.com"
> ...
> header: X-Spam-Status: No, score=-98.256 tag=-1000 tag2=5
> kill=100\n\ttests=[ALL_TRUSTED=-1, AM.WBL=-100,
> MISSING_DATE=1.396,\n\tMISSING_HEADERS=1.207, MISSING_MID=0.14,
> TVD_SPACE_RATIO=0.001]\n\tautolearn=disabled\n
>
> So it does work from this test.
> But wbl does not work in real mail flow when senders are different, only
> 1st checked.
>
> Any thoughts?
>
>
>
> 2014/1/21 Nick I <nickyidx at gmail.com>
>
>> Patrick,
>>
>> I do not want to change score for the spamassassin and optimise it in
>> that way.
>> Because if i reduce spam score i can pass some spam to come in.
>> Also i do not want to whitelist whole domain amazonses.com.
>>
>> I suppose that amavis can whitelist sender sender at domain.com (at From
>> header field) if it is at sender_score_maps.
>>
>> I know that it is better to use author_to_policy_bank_maps for whitelist
>> purpose but i already have huge sender_score_maps list which works per
>> user.
>>
>> Can you please suggest if there is another option that control whilteist
>> sender listed at From header field? What should i see in amavis debug for
>> the sender whilteist?
>>
>> Thanks.
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20140122/a834d090/attachment.html>


More information about the amavis-users mailing list