Whitelisting by IP address

Michael H michael at wemoto.com
Thu Mar 10 12:02:31 CET 2016 

On 10/03/16 10:43, Michael H wrote:
> On 10/03/16 03:53, Tom Johnson wrote:
>>
>>
>> On Mar 9, 2016, at 7:11 PM, Indunil Jayasooriya <indunil75 at gmail.com
>> <mailto:indunil75 at gmail.com>> wrote:
>>
>>>
>>>
>>> On Thu, Mar 10, 2016 at 12:57 AM, Tom Johnson <tj at terramar.net
>>> <mailto:tj at terramar.net>> wrote:
>>>
>>>     I'm sorry if I wasn't clear - adding to trusted_networks is not an
>>>     option.  Different users have different needs.  One person might
>>>     want x.x.x.x whitelisted, but another may not.  
>>>
>>>
>>>     Why don't you need to whitelist or blacklist domains per user
>>> basis in following way in amavisd.conf file
>>>
>>>     # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
>>>
>>> @score_sender_maps = ({ # a by-recipient hash lookup table,
>>>                        
>>
>> We do whitelisting and blacklisting if senders (using sql). 
>>
>> But we also have some customers who need to whitelist everything coming
>> from a given ip address. 
> 
> 
> Hi,
> 
> This is on topic but not quite as the previous thread required.
> 
> I have amended my spamassassin/local.cf and added trusted_networks and
> internal_networks with all of my IP addresses listed.
> 
> I have an alarm system that is emailing without a date field in the
> headers, this email originates from an IP address in my trusted_networks
> but is still being blocked by amavisd.
> 
> Could someone please tell me the correct way to whitelist IP addresses
> so that it is applied to amavisd as well as spamassassin?
> 
> thanks
> 
> Michael
> 

Sorry, that was a little vague,

cat /etc/amavisd/amavis.conf

[...]
@mynetworks = qw( 127.0.0.0/8 [::1]
                  10.0.0.0/8
                  172.16.0.0/12
                  192.168.0.0/16
                  XXX.XXX.XXX.XXX/32
);


# allow all mail from local IPs:
$policy_bank{'MYNETS'} = {  # clients in @mynetworks
  bypass_spam_checks_maps   => [1],  # don't spam-check internal mail
  bypass_banned_checks_maps => [1],  # don't banned-check internal mail
  bypass_header_checks_maps => [1],  # don't header-check internal mail
};
[...]

cat /etc/mail/spamassassin/local.cf
[...]
required_hits 6
report_safe 0
rewrite_header Subject [SPAM]

internal_networks [IP's of my MX's]

trusted_networks [lots of ip addresses]
[...]

The IP address is in both of these files but the mail is still being
checked, what did I do wrong here?

thanks

More information about the amavis-users mailing list