whitelist sender domain 'Return-path:' vs 'From:'

Dominic Raferd dominic at timedicer.co.uk
Wed Mar 21 18:44:31 CET 2018 

On 21 March 2018 at 16:44, Martin Johannes Dauser <mdauser at cs.sbg.ac.at>
wrote:

> Regarding that whitelist_sender_maps would work on 'From:' header, not the
> envelope sender, I can not comply!
>
> I set buxdehu.de in whitelist
>
> Then I telnet to my mailserver
>
> $ *telnet localhost 25*
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 mail.cs.sbg.ac.at ESMTP Postfix (RHEL/GNU)
> *EHLO mail.cs.sbg.ac.at <http://mail.cs.sbg.ac.at>*
> 250-mail.cs.sbg.ac.at
> 250-PIPELINING
> 250-SIZE 52428800
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-XFORWARD NAME ADDR PROTO HELO SOURCE PORT IDENT
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> *MAIL FROM:<lala at buxdehu.de>*
> 250 2.1.0 Ok
> *RCPT TO:<mdauser at cs.sbg.ac.at>*
> 250 2.1.5 Ok
> *DATA*
> 354 End data with <CR><LF>.<CR><LF>
> *FROM: lumlum at la.la <lumlum at la.la>*
> *SUBJECT: testmail*
>
> *test*
> *.*
> 250 2.0.0 Ok: queued as 31F66200A4D2
> *QUIT*
>
> And I get
> X-spam-status: No, score=x required=6 WHITELISTED tests=[]
>
> So at least in my setup it's the envelope sender which is observed.
>
> A failure of mine in the previous posts was, that I used quotes within the
> files for whitelisting.
> Thats's a baaad idea.
>
> Best regards
> Martin Johannes Dauser
>
> On Wed, 2018-03-21 at 14:35 +0000, Dominic Raferd wrote:
>
>
>
> On 26 February 2018 at 16:34, Dominic Raferd <dominic at timedicer.co.uk>
> wrote:
>
> I have now updated my 50-user.conf to this:
> $interface_policy{'10024'} = 'INCOMING';
> $policy_bank{'INCOMING'} = {
>   whitelist_sender_maps => [ read_hash('/etc/amavis/whitelist') ],
> };
>
>
> Note that this whitelisting technique works on the address given in the
> 'From:' header, not the envelope sender (aka Return-Path).
>
> Each address in /etc/amavis/whitelist (one per line, comments and blank
> lines are ignored) can be whole email address, domain only, or domain
> preceded by dot in which case it matches emails from domain *and* any
> subdomains:
>
> # example amavis whitelist file
>
> amavis-users at amavis.org
> .currys.co.uk
> zpg.co.uk
>
> After updating the file you (probably - untested) have to reload amavis
> for it to take account of the changes. If you have systemd:
> systemctl reload-or-restart amavis
>
>
​Interesting but in my setup it is definitely the From: header that is
compared, I have numerous examples, and I cannot find a single
counter-example (where an email is whitelisted and the whitelist can only
be because of the envelope sender).​ I guess there must be some subtle
difference in our setup?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20180321/8fd0e42a/attachment.html>

More information about the amavis-users mailing list