Whitelist advice, correct way to minimize score

Karol Augustin karol at augustin.pl
Mon Feb 5 10:21:28 CET 2018 

On 2018-02-04 0:45, Voytek wrote:
> On Sun, February 4, 2018 5:31 am, Karol Augustin wrote:
>> On 2018-02-03 12:07, Voytek wrote:
> 
>> Few things that you can do here:
>> You can add 'whitelist_from_dkim *@tld.com.au sendgrid.net' which will
>> whitelist mail signed by sendgrid with From: tld.com.au. You can also
>> 'whitelist_from_spf *@tld.com.au', which will do the same for SPF pass
>> mail.
> 
> Karol,
> 
> thanks, might as well start with the one above,
> /etc/mail/spamassassin/local.cf , yes ?
I prefer to use separate file for this. whitelist.cf for example. But
any .cf file will work.

> 
> was:
> Content analysis details:   (3.0 points, 5.0 required)
> 
> NOW:
> 
> Content analysis details:   (-97.0 points, 5.0 required)
>  pts rule name              description
> ---- ----------------------
> --------------------------------------------------
>  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
> blocked.
>                             See
>                            
> http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
>                              for more information.
>                             [URIs: sendgrid.net]
> -100 USER_IN_DKIM_WHITELIST From: address is in the user's DKIM whitelist
>  0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
>                             domains are different
> -0.0 T_RP_MATCHES_RCVD      Envelope sender domain matches handover relay
>                             domain
>  0.0 HTML_MESSAGE           BODY: HTML included in message
>  1.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
>  1.0 HTML_IMAGE_ONLY_16     BODY: HTML: images with 1200-1600 bytes of words
>  0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not
> necessarily valid
> -0.1 DKIM_VALID             Message has at least one valid DKIM or DK
> signature
>  0.6 HTML_MIME_NO_HTML_TAG  HTML-only message, but there is no HTML tag
>  0.0 T_REMOTE_IMAGE         Message contains an external image
> 
> 
> 
>> Also google URIBL_BLOCKED and get that sorted by using local recrusive
>> DNS or if your server is on AWS or other cloud provider that they ban by
>> default you can disable URIBL as you will get this hit on every e-mail. You
>> can also pay them but prices are not what I would consider reasonable for
>> personal server.
> 
> 
> thanks, I'll try to check that
Here you have explanation:
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

> 
>>
>> Also you might consider configuring BAYES properly which, if trained,
>> can lower score for that type of e-mails.
> 
> 
> dzieki!

-- 
Karol Augustin
karol at augustin.pl
http://karolaugustin.pl/
+353 85 775 5312

More information about the amavis-users mailing list