Allow a particular sender to bypass scanning with policy_bank
Indunil Jayasooriya
indunil75 at gmail.com
Fri Oct 21 06:53:03 CEST 2016
Hi list,
I want particular senders to bypass scanning.
here's what I have done.
in main.cf , I have added the line check_sender_access
hash:/etc/postfix/amavis_senderbypass
pls see below
# Sender restrictions:
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
check_sender_access hash:/etc/postfix/amavis_senderbypass
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
contents of /etc/postfix/amavis_senderbypass
#sender at example.net FILTER smtp-amavis:[127.0.0.1]:10026
#sender at example.org FILTER smtp-amavis:[127.0.0.1]:10026
#gmail.com FILTER smtp-amavis:[127.0.0.1]:10026
mygmail at gmail.com FILTER smtp-amavis:[127.0.0.1]:10026
postmap /etc/postfix/amavis_senderbypass
then,
In amavisd.conf:
#$inet_socket_port = 10024; # listen on this local TCP port(s)
$inet_socket_port = [10024,10026]; # listen on multiple TCP ports
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
#bypass_spam_checks_maps => [[qw( .recipientdomain.com)]],
#bypass_banned_checks_maps => [[qw( .recipientdomain.com)]],
#bypass_header_checks_maps => [[qw( .recipientdomain.com)]],
spam_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_spam_checks_maps => [[qw( .recipientdomain.com)]],
banned_files_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_banned_checks_maps => [[qw( .recipientdomain.com)]],
bad_header_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_header_checks_maps => [[qw( .recipientdomain.com)]],
};
/etc/init.d/amavisd restart
When I send mails mails from mygmail at gmail.com, sender is bypassed. It
works as expected.
But, I have an question to discuss.
which option is better and safer?
option1
bypass_spam_checks_maps => [[qw( .recipientdomain.com)]],
bypass_banned_checks_maps => [[qw( .recipientdomain.com)]],
bypass_header_checks_maps => [[qw( .recipientdomain.com)]],
option 2
spam_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_spam_checks_maps => [[qw( .recipientdomain.com)]],
banned_files_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_banned_checks_maps => [[qw( .recipientdomain.com)]],
bad_header_lovers_maps => [[qw( .recipientdomain.com)]],
bypass_header_checks_maps => [[qw( .recipientdomain.com)]],
I have seen in mailing lists that having both spam_lovers_maps and
bypass_spam_checks_maps are ok, when mails are addressed to multiple
recipients.
here are some links.
http://amavis-users.amavis.narkive.com/53G9WY8o/bypass-spam-check-for-domain
I'm not sure I understand your question. Here is an axample. A message
is addressed to ***@example.com and ***@example.org (both of which
are domains you are responsible for).
@bypass_spam_checks_maps = ( ["example.com"] );
This message will still be scanned because ***@example.org is not
included in @bypass_spam_checks_maps. ***@example.com is in the map,
but in this case this recipient may not receive a copy of the message
(assuming it is spam). @bypass_spam_checks_maps does not guarantee
delivery of spam. To guarantee delivery of a message that has been
scanned by spamassassin and subsequently marked as spam, you want to
also include the recipient in @spam_lovers_maps.
another link
https://sourceforge.net/p/amavis/mailman/amavis-user/thread/20090723230510.GA26675@tandon.net/
bypass all scanning for one domain.
@spam_lovers_maps = ( ['sampledomain.org'] );
@bypass_spam_checks_maps = ( ['sampledomain.org'] );
or if you want to also cover subdomains:
@spam_lovers_maps = ( ['.sampledomain.org'] );
@bypass_spam_checks_maps = ( ['.sampledomain.org'] );
Waiting for your views.
--
cat /etc/motd
Thank you
Indunil Jayasooriya
http://www.theravadanet.net/
http://www.siyabas.lk/sinhala_how_to_install.html - Download Sinhala
Fonts
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20161021/9012d1dd/attachment.html>
More information about the amavis-users
mailing list