Sender white list
korsar182 at gmail.com
korsar182 at gmail.com
Tue Aug 13 11:00:47 CEST 2019
Yes, I know sender address can be easily faked.
I have only incoming path on port 10024 for amavis and port 10026 for
postfix.
I need this feature for banned files filtering, not spam or virus check,
between users inside my domains.
I try different setups, but they all or don't work or bypassing all mail
without any filtering.
Martin's also doesn't work. Seems I do something wrong...
Martin Johannes Dauser <mdauser at cs.sbg.ac.at> писал(а) в своём письме Mon,
12 Aug 2019 17:33:38 +0300:
> FIRST, be warned that sender address can be spoofed really easily. So
> you shouldn't put too much trust into them!
>
> I guess you haven't configured incomming and originating/outgoing paths
> for amavis yet? Something similar to this (ports 10024 and 10026 need to
> be delivered by your MTA of course):
>
>
> @mynetworks_maps = (read_array('/etc/amavisd/mynetworks'),);
> # IP-addresses regarded as local/originating saved as one IP or one
> Network with CIDR notation per line
>
> read_hash(\%whitelist_sender, '/etc/amavisd/whitelist_senders');
>
> @listen_sockets = ( # incomming
> '127.0.0.1:10024',
> # originating
> '127.0.0.1:10026',
> );
>
>
> $interface_policy{'10024'} = 'INCOMMING';
> $interface_policy{'10026'} = 'ORIGINATING';
>
> $policy_bank{'INCOMMING'} = {
> # set incomming mails as NOT-originating
> originating => 0,
>
> # mails from trusted envelope senders won't get scanned
> by Spamassassin
> whitelist_sender_maps => [ \%whitelist_sender ],
>
> # other settings
> #...
> };
>
>
> $policy_bank{'ORIGINATING'} = {
> # set local smtpd as originating
> originating => 1,
>
> # other settings
> #...
> };
>
> ----------
> An alternative is to modify spam scores of senders. This defines a bonus
> or malus on spamassassin's values. You may have even different values
> depending on recipients. E.g. 'user at domain.tld' and global '.' which
> means 'any other' and must set as last line in @score_sender_maps.
>
>
> @score_sender_maps = (
> { 'user at domain.tld' => [
> read_hash('/etc/amavisd/sender_scores_user'), ],
> '.' => [ read_hash('/etc/amavisd/sender_scores_sitewide'), ],
> }
> );
>
>
> Within /etc/amavisd/sender_scores_sitewide
>
> # Descr.: Hash Lookup (associative array lookup) for global soft
> white-/blacklsting# Note.: see
> https://amavis.org/README.lookups.txt for details about hash lookups
> # Format of the text file: one address per line
> # Each address can have an associated optional value
> (also known as the
> # 'righthand side' or RHS) separated from the address by
> whitespace.
> # An absence of a value implies 1.
>
>
> some.spammer at some.server.net 1.0
> domain.spamschleu.de 8.0
>
> someone.nice at trusted.net -5.0
> trusted.doma.in -3.5
>
>
> Greetings
> Martin
>
> On Mon, 2019-08-12 at 11:19 +0300, korsar182 at gmail.com wrote:
>> Hi, is there any way to make whitelist for senders? Weird, but
>> read_hash(\%whitelist_sender, '/etc/amavisd/whitelist');
>> @whitelist_sender_maps = (\%whitelist_sender);
>> make it for recipients, not senders...
More information about the amavis-users
mailing list