<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <blockquote type="cite"
cite="mid:CAB1R3sgZjoF7XKq5iwQdEuT1stse-f2XYSa2bZ7xe1WaZioKoA@mail.gmail.com">
      <pre class="moz-quote-pre" wrap="">I've just started using sender_maps instead of the welcomelist in
spamassassin directly and have a few questions. Here is my current
sender_map:</pre>
    </blockquote>
    Is this `@score_sender_maps`?<span style="white-space: pre-wrap">
</span><span style="white-space: pre-wrap">
</span>
    <blockquote type="cite"
cite="mid:CAB1R3sgZjoF7XKq5iwQdEuT1stse-f2XYSa2bZ7xe1WaZioKoA@mail.gmail.com">
      <pre class="moz-quote-pre" wrap="">   '.gtenney.com' => [{ '.*@send.undone.com'                     => -100.0,
                        '.*@mg-d0.substack.com'      => -100.0,
                        '.*@mg-d1.substack.com'       => -100.0,
                        ....
First, can you confirm it is only the envelope from that yo can whitelist
using this method?
</pre>
    </blockquote>
    Amavis checks envelope-from as well as header-from.<br>
    <blockquote type="cite"
cite="mid:CAB1R3sgZjoF7XKq5iwQdEuT1stse-f2XYSa2bZ7xe1WaZioKoA@mail.gmail.com">
      <pre class="moz-quote-pre" wrap="">Is there any way to require SPF pass?</pre>
    </blockquote>
    To my knowledge, no. If you want some kind of authentication, you
    can use @author_to_policy_bank_maps (based on DKIM).<br>
    <blockquote type="cite"
cite="mid:CAB1R3sgZjoF7XKq5iwQdEuT1stse-f2XYSa2bZ7xe1WaZioKoA@mail.gmail.com">
      <pre class="moz-quote-pre" wrap="">Instead of effectively whitelisting any emails from all of substack based
on the above, I wondered if I can use more of the lhs of the address. This
is the full envelope sender address:

<a class="moz-txt-link-abbreviated" href="mailto:bounce+77295b.63af5d-noelbaron=gtenney.com@mg-d0.substack.com">bounce+77295b.63af5d-noelbaron=gtenney.com@mg-d0.substack.com</a>

I think the "77295b.63af5d" part may be dynamic (like a message-ID kind of
thing), so I was wondering if I could restrict it like the following?

                 '.*gtenney.com@mg-d0.substack.com'    => -100.0,</pre>
    </blockquote>
    <p><br>
    </p>
    <p>
      <blockquote type="cite">@score_sender_maps = ({<br>
            '.gtenney.com' => [<br>
                new_RE(<br>
                   [ qr'=gtenney\.com@send\.undone\.com'    => -100],<br>
                   [ qr'=gtenney\.com@mg-d0\.substack\.com' => -100],<br>
                   [ qr'=gtenney\.com@mg-d1\.substack\.com' => -100],<br>
                ),<br>
            ],<br>
        });<br>
      </blockquote>
      <br>
    </p>
    <blockquote type="cite"
cite="mid:CAB1R3sgZjoF7XKq5iwQdEuT1stse-f2XYSa2bZ7xe1WaZioKoA@mail.gmail.com">
      <pre class="moz-quote-pre" wrap="">Also, when a message is whitelisted using this method, what is the
"actions_performed" field defined to be? It seems like SA still considers
it to be spam, but then amavisd also considers it to be quarantined yet
also delivers it?

Here's an example:

Apr 19 17:21:23 xavier amavis[679593]: (679593-18)
{"@timestamp":"2024-04-19T21:21:22.452Z","action":["DISCARD","PASS"],"actions_performed":"DiscardedInbound
RelayedInbound Quarantined","attached_file_names":["message.msg"],"author":"
<a class="moz-txt-link-abbreviated" href="mailto:watchrecon.com@gmail.com">watchrecon.com@gmail.com</a>"]
</pre>
    </blockquote>
    Looks like a multi-recipient mail, where one of the recipients
    triggered a Discard+Quarantine and the other a Pass.<br>
  </body>
</html>