sender maps and whitelisting

Alex mysqlstudent at gmail.com
Mon Apr 22 05:04:52 CEST 2024


Hi,

I've just started using sender_maps instead of the welcomelist in
spamassassin directly and have a few questions. Here is my current
sender_map:

   '.gtenney.com' => [{ '.*@send.undone.com'                     => -100.0,
                        '.*@mg-d0.substack.com'      => -100.0,
                        '.*@mg-d1.substack.com'       => -100.0,
                        ....
First, can you confirm it is only the envelope from that yo can whitelist
using this method? Is there any way to require SPF pass?

Instead of effectively whitelisting any emails from all of substack based
on the above, I wondered if I can use more of the lhs of the address. This
is the full envelope sender address:

bounce+77295b.63af5d-noelbaron=gtenney.com at mg-d0.substack.com

I think the "77295b.63af5d" part may be dynamic (like a message-ID kind of
thing), so I was wondering if I could restrict it like the following?

                 '.*gtenney.com at mg-d0.substack.com'    => -100.0,

Also, when a message is whitelisted using this method, what is the
"actions_performed" field defined to be? It seems like SA still considers
it to be spam, but then amavisd also considers it to be quarantined yet
also delivers it?

Here's an example:

Apr 19 17:21:23 xavier amavis[679593]: (679593-18)
{"@timestamp":"2024-04-19T21:21:22.452Z","action":["DISCARD","PASS"],"actions_performed":"DiscardedInbound
RelayedInbound Quarantined","attached_file_names":["message.msg"],"author":"
watchrecon.com at gmail.com"]

Thanks,
Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.amavis.org/pipermail/amavis-users/attachments/20240421/42972cc7/attachment.htm>


More information about the amavis-users mailing list