Sender white list

Martin Johannes Dauser mdauser at cs.sbg.ac.at
Mon Aug 12 16:33:38 CEST 2019


FIRST, be warned that sender address can be spoofed really easily. So
you shouldn't put too much trust into them!

I guess you haven't configured incomming and originating/outgoing paths
for amavis yet? Something similar to this (ports 10024 and 10026 need to
be delivered by your MTA of course):


@mynetworks_maps    = (read_array('/etc/amavisd/mynetworks'),);         # IP-addresses regarded as local/originating saved as one IP or one Network with CIDR notation per line

read_hash(\%whitelist_sender, '/etc/amavisd/whitelist_senders');

@listen_sockets = ( # incomming
                     '127.0.0.1:10024',
                    # originating
                     '127.0.0.1:10026',
                   );


$interface_policy{'10024'} = 'INCOMMING';
$interface_policy{'10026'} = 'ORIGINATING';

$policy_bank{'INCOMMING'} = {
                # set incomming mails as NOT-originating 
                  originating                 => 0,

                # mails from trusted envelope senders won't get scanned by Spamassassin
                  whitelist_sender_maps       => [ \%whitelist_sender ],

                # other settings
                  #...
                };


$policy_bank{'ORIGINATING'} = {
                # set local smtpd as originating
                  originating                  => 1,

                # other settings
                  #...
                };  


----------
An alternative is to modify spam scores of senders. This defines a bonus
or malus on spamassassin's values. You may have even different values
depending on recipients. E.g. 'user at domain.tld' and global '.' which
means 'any other' and must set as last line in @score_sender_maps.  


@score_sender_maps = (
        { 'user at domain.tld'    =>  [ read_hash('/etc/amavisd/sender_scores_user'), ],
          '.' =>  [ read_hash('/etc/amavisd/sender_scores_sitewide'), ],
        }
);


Within /etc/amavisd/sender_scores_sitewide

# Descr.:       Hash Lookup (associative array lookup) for global soft white-/blacklsting 
# Note.:        see https://amavis.org/README.lookups.txt for details about hash lookups
#                Format of the text file: one address per line
#                Each address can have an associated optional value (also known as the
#                'righthand side' or RHS) separated from the address by whitespace.
#                An absence of a value implies 1.


some.spammer at some.server.net         1.0
domain.spamschleu.de                 8.0

someone.nice at trusted.net            -5.0
trusted.doma.in                     -3.5


Greetings
Martin

On Mon, 2019-08-12 at 11:19 +0300, korsar182 at gmail.com wrote:
> Hi, is there any way to make whitelist for senders? Weird, but
> read_hash(\%whitelist_sender, '/etc/amavisd/whitelist');
> @whitelist_sender_maps = (\%whitelist_sender);
> make it for recipients, not senders...


More information about the amavis-users mailing list