whitelist

Dino Edwards dino.edwards at mydirectmail.net
Fri Jul 12 19:05:25 CEST 2019 

Here's how to do it with BONUS blacklist:

In postfix /etc/postfix/main.cf set the following for whitelist senders:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/amavis_senderbypass

In the /etc/postfix/amavis_senderbypass file enter email addresses and/or domains you wish to whitelist (one per line) as follows:

bob at example.com  FILTER amavis:[127.0.0.1]:10030
example2.com  FILTER amavis:[127.0.0.1]:10030

Ensure you postmap the file and reload postfix

In Amavis /etc/amavis/conf/50_user set the following to whitelist recipients (ensure port 10030 is available in your system):

$inet_socket_port = [10021, 10030];

# This policy will bypass ALL checks.
read_hash(\%whitelist_sender, '/etc/amavis/white.lst');
@whitelist_sender_maps = (\%whitelist_sender);



$interface_policy{'10030'} = 'BYPASSALLCHECKS';
$policy_bank{'BYPASSALLCHECKS'} = { # mail from the pickup daemon
    log_level => 5,
    bypass_spam_checks_maps   => ['@whitelist_sender_maps'],  # don't spam-check this mail
    bypass_banned_checks_maps => ['@whitelist_sender_maps'],  # don't banned-check this mail
    bypass_header_checks_maps => ['@whitelist_sender_maps'],  # don't header-check this mail
    bypass_virus_checks_maps  => ['@whitelist_sender_maps'],  # don't virus-check this mail
};


In /etc/amavis/white.lst enter the the SAME senders and/or domains as you set in the /etc/postfix/amavis_senderbypass file from above but without the  "FILTER amavis:[127.0.0.1]:10030" part as follows (one per line):

bob at example.com 
example2.com 

So basically this tells postfix that any sender matching the list to inject to Amavis at port 10030 and then Amavis has an interface policy at 10030 where it takes action according to the policy settings. You can adjust the Amavis policy as you see fit. In the example above, it bypasses ALL checks (spam, banned, header and virus) checks. 

Here's the blacklist (much simpler)

In /etc/amavis/conf/50_user set the following:

# Blacklist Senders
@blacklist_sender_maps=(read_hash(\%blacklist_sender, '/etc/amavis/black.lst'));

And populate /etc/amavis/black.lst with senders you wish to block.

There is also a way to do a sender to recipient block/allow but that only bypasses spam checks and it's a bit more complicated to set. I can send you info on that if you want.

Thanks



-----Original Message-----
From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] On Behalf Of Curtis Vaughan
Sent: Thursday, July 11, 2019 4:38 PM
To: amavis-users at amavis.org
Subject: whitelist

I have been unable for a very long time now to figure out how to whitelist certain email address or domains. 
I have found several different blogs/help sites that "provide" an answer, but none of them have ever worked. 
Creating whitelists for postfix that referred to by main.cf definitely haven't worked. Another "solution" involved including a line in main.cf that basically tried to bypass amavis.
Anyhow, I feel I'm approaching the solution in either case the wrong way as they concentrate on postfix and not amavis. 
Hopefully someone can't point me in the right direction?
Thanks!

I'm using postfix with amavis on ubuntu.

More information about the amavis-users mailing list