GP,
> searched for some time and did not find answer, so here is my question.
> Is it possible to whitelist sender-recipient domain pair with amavis?
> I need rule to whitelist (skip any amavis checks) any mail from
> *[email protected] to *[email protected], mail from *[email protected] to
> *[email protected]
> must be checked as usual.
Is the sending domain one of your own, or is foreign?
Whitelisting blindly on the sender address is an invitation
for spam claiming to be from such a (faked) domain.
If you insist, this is possible through @score_sender_maps, which
is a two-level lookup: the outer level is list of by-recipient
lookup tables, each of them (the inner level) is a list of by-sender
lookup tables. For example (using a hash type lookup tables):
@score_sender_maps = ({
'[email protected]' => [{'.ebay.com' => -3.0}],
'[email protected]' => [{'.' => 0.123}],
'.example.net' => [{
'[email protected]' => -100,
'.sender2domain.example' => -5,
'.sender3domain.example' => -100,
}],
'.example.org' => [{
'.ebay.com' => -8,
'.gmail.com' => -1,
}],
});
The righthand sides are scores which are added to the final score,
so a large negative score behaves similarly to whitelisting.
A much more reliable possibility is offered if the sending domain
is signing its outgoing mail with a DKIM signature. In this case
the From address is protected by a signature (if signature is valid),
so you can trust the From address as much you trust each signing domain.
To make use of it, the signed From address can cause a policy bank
being loaded, which may then grant whatever it wants to such mail,
such as higher kill levels, or by-recipient whitelisting, or
bypassing of banned or spam or virus checks altogether.
For example:
@author_to_policy_bank_maps = ({
'uni-bremen.de' => 'STRONG_WHITELIST',
'tugraz.at' => 'STRONG_WHITELIST',
'tu-graz.ac.at' => 'STRONG_WHITELIST',
'aitech.ac.jp' => 'STRONG_WHITELIST',
'.ebay.com' => 'STRONG_WHITELIST',
'.ebay.co.uk' => 'STRONG_WHITELIST',
'ebay.at' => 'STRONG_WHITELIST',
'ebay.ca' => 'STRONG_WHITELIST',
'ebay.de' => 'STRONG_WHITELIST',
'ebay.fr' => 'STRONG_WHITELIST',
'.paypal.com' => 'STRONG_WHITELIST',
'.paypal.de' => 'STRONG_WHITELIST',
'.paypal.co.uk' => 'STRONG_WHITELIST',
'./@paypal.com' => 'STRONG_WHITELIST',
'cern.ch' => 'STRONG_WHITELIST',
'amazon.com' => 'STRONG_WHITELIST',
'cisco.com' => 'STRONG_WHITELIST',
'alert.bankofamerica.com' => 'STRONG_WHITELIST',
'.cnn.com' => 'STRONG_WHITELIST',
'.skype.com' => 'STRONG_WHITELIST',
'skype.com' => 'STRONG_WHITELIST',
'skype.net' => 'STRONG_WHITELIST',
'cc.yahoo-inc.com/@yahoo-inc.com' => 'STRONG_WHITELIST',
'cc.yahoo-inc.com' => 'STRONG_WHITELIST',
'.linkedin.com' => 'MILD_WHITELIST',
'google.com' => 'MILD_WHITELIST',
'googlemail.com' => 'MILD_WHITELIST',
'./@googlegroups.com' => 'MILD_WHITELIST',
'./@yahoogroups.com' => 'MILD_WHITELIST',
'./@yahoogroups.co.uk' => 'MILD_WHITELIST',
'./@yahoogroupes.fr' => 'MILD_WHITELIST',
'yousendit.com' => 'MILD_WHITELIST',
'meetup.com' => 'MILD_WHITELIST',
'[email protected]' => 'MILD_WHITELIST',
'info.hp.com' => 'MILD_WHITELIST',
'[email protected]' => 'MILD_WHITELIST',
});
$policy_bank{'WHITELIST'} = {
bypass_spam_checks_maps => [1],
spam_lovers_maps => [1],
};
$policy_bank{'SELECTIVE_WHITELIST'} = {
spam_lovers_maps => [[qw( [email protected] .myotherdomain.example )]],
};
$policy_bank{'STRONG_WHITELIST'} = {
score_sender_maps => [ { '.' => [-8] } ],
};
$policy_bank{'MILD_WHITELIST'} = {
score_sender_maps => [ { '.' => [-1.5] } ],
};
$policy_bank{'NOVIRUSCHECK'} = {
bypass_decode_parts => 1,
bypass_virus_checks_maps => [1],
virus_lovers_maps => [1],
};
$policy_bank{'NOBANNEDCHECK'} = {
bypass_banned_checks_maps => [1],
banned_files_lovers_maps => [1],
};
See RELEASE_NOTES, search for @author_to_policy_bank_maps .
> I have tried to do this with postfix check_policy_service in
> smtpd_recipient_restrictions with no success.
See Noel's reply. To make it work properly for multi-recipient mail,
one needs two Postfix instances.
Mark
------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:
Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot
org
