skip checking for mail address
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon May 18 19:43:00 CEST 2020
>On Mon, 18 May 2020 at 15:37, Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
>>
>> seems that addresses used in bypass_virus_checks_maps and
>> bypass_spam_checks_maps, are the envelope from addresses.
>>
>> We have gateway that sends reports with envelope addresses empty ("<>"), but
>> From: in headers is in form MAILER-DAEMON at mail.gateway
>>
>> unfortunately, other mails come through the gateway with emppty envelope
>> from, so the only address I can safely (gateway takes care of faking the
>> address) whitelist is therefore the header address.
>>
>> is it possible to use header address in whitelisting?
>>
>> Or is there any trick to whitelist such address?
On 18.05.20 15:52, Dominic Raferd wrote:
>@whitelist_sender_maps whitelists based on either of the From header
>address or the envelope sender address.
well, I have tried to $bypass_spam_checks{'address at mail.gateway'}=1;
and with address in From: was scanned and smavisd even logged:
May 18 17:00:11 mail amavis[5414]: (05414-11) Passed CLEAN {RelayedInbound},
[x.x.x.x]:29354 ESMTP/LMTP <> -> <redacted>, (), Queue-ID: X,
Message-ID: <... at mail.gateway>, mail_id:
UWTOVxZdTfiR, b: tpOHtsF7t, Hits: -16, size: 24677, queued_as: Y,
Subject: "Quarantine Summary: [ 2 message(s) quarantined from Mon, 18 May
2020 14:00:00 +0200 to Mon, 18 May 2", From: <address at mail.gateway>,
helo=mail.gateway, Tests:
[ALL_TRUSTED=-1,BAYES_40=-0.001,HTML_MESSAGE=0.001,USER_IN_DEF_WHITELIST=-15],
autolearn=no autolearn_force=no, autolearnscore=0.001, 7810 ms
>(It is not very good behaviour
>IMO: I suspect the code was really written for @blacklist_sender_maps
>and just carried over to work with the whitelist, the behaviour is
>conservative for a blacklist but risks letting through bad stuff with
>a whitelist. I don't use this type of whitelisting at all any more.)
I agree that simply whitelisting sender is not safe. We must make it safe
ourselves.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
More information about the amavis-users
mailing list