Coert,

> [...] I have a setup with postfix and dovecot, where all authentication
> happens from LDAP.
>
> Is it necessary for me to have amavis connect to the LDAP as well?

Not necessary, unless you want to use the same LDAP mechanism
for per-recipient settings and white/blacklisting, maybe because
you want your users to be able to directly adjust their settings
in LDAP.

Static lookups are always available, global or per-recipient.

> I want to be able to somewhere make a list of whitelisted addresses.

If you only need a few addresses to be white (or -black) listed
and settings do not change often, the easiest is to use static
lookups - see @score_sender_maps, @whitelist_sender_maps, and
$per_recip_whitelist_sender_lookup_tables in amavisd.conf-sample.

Note that plain whitelisting is pretty much useless these days,
when almost all sender and author addresses in spam and viruses
are faked. Whitelisting one domain will let through all spam
which happens to use that domain as its sending address.
If you really must use it, just assign a few negative score points
through @score_sender_maps, not giving it a full blanco access.

The only useful whitelisting mechanisms nowadays are based
on some form of authentication of the sending host or domain.

On the amavisd side a reliable way to whitelist authors
or their domains based on their DKIM (or DK) signature is
to use @author_to_policy_bank_maps. This allows not only
whitelisting against spam, but also on virus and banned checks,
if you choose so.

For example:

@author_to_policy_bank_maps = ( {
  'uu.se'                   => 'WHITELIST',
  'uni-bremen.de'           => 'WHITELIST',
  'tugraz.at'               => 'WHITELIST',
  'tu-graz.ac.at'           => 'WHITELIST',
  'aitech.ac.jp'            => 'WHITELIST',
  'eurescom.eu'             => 'WHITELIST',
  '.ebay.com'               => 'WHITELIST',
  '.ebay.co.uk'             => 'WHITELIST',
  'ebay.at'                 => 'WHITELIST',
  'ebay.ca'                 => 'WHITELIST',
  'ebay.de'                 => 'WHITELIST',
  'ebay.fr'                 => 'WHITELIST',
  '.paypal.com'             => 'WHITELIST',
  '.paypal.co.uk'           => 'WHITELIST',
  './@paypal.com'           => 'WHITELIST',
  'amazon.com'              => 'WHITELIST',
  '.cnn.com'                => 'WHITELIST',
  'skype.net'               => 'WHITELIST',
  'welcome.skype.com'       => 'WHITELIST',
  'cc.yahoo-inc.com/@yahoo-inc.com' => 'WHITELIST',
  'cc.yahoo-inc.com'        => 'WHITELIST',
  '.linkedin.com'           => 'MILD_WHITELIST',
  'google.com'              => 'MILD_WHITELIST',
  'googlemail.com'          => 'MILD_WHITELIST',
  './@googlegroups.com'     => 'MILD_WHITELIST',
  './@yahoogroups.com'      => 'MILD_WHITELIST',
  './@yahoogroups.co.uk'    => 'MILD_WHITELIST',
  './@yahoogroupes.fr'      => 'MILD_WHITELIST',
  'yousendit.com'           => 'MILD_WHITELIST',
  'meetup.com'              => 'MILD_WHITELIST',
  '[EMAIL PROTECTED]' => 'MILD_WHITELIST',
});

$policy_bank{'MILD_WHITELIST'} = {
  score_sender_maps => [ { '.' => [-1.8] } ],
};

$policy_bank{'WHITELIST'} = {
  bypass_spam_checks_maps => [1],
  spam_lovers_maps => [1],
};


Alternatively, SpamAssassin offers a couple of useful
whitelisting mechanisms, based on DKIM, DK, SPF, or based on
a domain in Received header field. Some examples (local.cf):

whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]                paypal.com

whitelist_from_spf   [EMAIL PROTECTED]

whitelist_from_rcvd [EMAIL PROTECTED]     yahoo.com
whitelist_from_rcvd [EMAIL PROTECTED] yahoo.com
whitelist_from_rcvd [EMAIL PROTECTED]      elsevier.com
whitelist_from_rcvd [EMAIL PROTECTED]  bund.de


There is also a 'whitelist_auth' setting, which covers
both DKIM/DK and SPF under one word (with a little less
flexibility). See: man Mail::SpamAssassin::Conf


> And I want to have notifications sent to my postmaster address for every
> spam and virus infected mail that is 'caught'

  $virus_admin = "[EMAIL PROTECTED]";

or perhaps more useful (just to see new virus types):
  $newvirus_admin = "[EMAIL PROTECTED]";

For spam, setting a global $spam_admin is pretty much useless,
as you'd be getting practically all mail. More useful is to set
$spam_admin from a policy bank triggered by mail from local
users, so you'd be notified of spam originating from your site:

$inet_socket_port = [10024,10026];
$interface_policy{'10026'} = 'ORIGINATING';

$policy_bank{'ORIGINATING'} = {  # mail originating from our users
  originating => 1,
  virus_admin_maps => ["[EMAIL PROTECTED]"],
  spam_admin_maps  => ["[EMAIL PROTECTED]"],
};


Mark
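
The soft-whitelisting approach recommended above (a few negative score points instead of full whitelisting), shown beside the plain whitelist it replaces. This is an added example, not part of the original message or of amavisd.conf-sample; the domains example.org and example.net and the score values are constructed placeholders.

```perl
# amavisd.conf fragment (added example; example.org, example.net and the
# score values below are constructed placeholders, not recommendations)

# Weak: plain sender whitelisting. Any message whose envelope sender
# claims to be under example.org is passed as non-spam, forged or not.
# @whitelist_sender_maps = ( ['.example.org'] );

# Softer: subtract a few points instead. A forged sender address alone
# is then not enough to get a clearly spammy message past the thresholds.
@score_sender_maps = ({
  # '.' matches any recipient (site-wide opinion about senders)
  '.' => [
    # hash lookup table: the first matching sender sets the score boost
    { 'example.org'  => -2.0,   # this sender domain only
      '.example.net' => -1.0,   # example.net and its subdomains
    },
  ],
});
```

Both forms key on the sender address, which the message itself supplies; only the DKIM/SPF-based mechanisms in the message above tie the decision to an authenticated domain.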

_______________________________________________
AMaViS-user mailing list
[email protected] 
https://lists.sourceforge.net/lists/listinfo/amavis-user 
 AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 
 AMaViS-HowTos:http://www.amavis.org/howto/ 