Bruce, > I'm sure much of this is answered somewhere, but I'm sure missing it. > Perhaps all of you can lend a hand here. > I am using postfix-amavisd-new-spamassassin-mysql, with sql whitelisting > enabled and working. > > 1 - On a server with multiple domains, is there a way to create an 'all > domains' whitelist entry?
Not easily (by see below). Whitelisting foreing mail that happens to carry you own sender domain is too easily abused, all such spam will get through if you do what you intend. A reliable solution is to turn off spam checking for mail coming from trusted sources, either from mynetworks, or from authenticated users. Policy banks are a natural mechanism to deal with it: http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks > Currently in a table 'amav_users' I can set a > configuration like: > id=1 > priority=9 > policy_id=1 > email='@domain.com' (for example) > fullname='domain' > local='Y' > (Using the sample default mysql configuration listed with > amavisd-new) > I would like to be able to set that email column to be able to whitelist an > address for every domain in my system without having to repeat them for > each domain in amav_wblist (again, using the sample amavisd-new table > construction) The difficulty here is that wblist.sid (sender id) refers to table mailaddr, not to table users. This means you have to provide one mailaddr record for each of your domains, to be able to whitelist them. There may be a way around it with a clever use of SELECT/JOIN/UNION?/... The hash %sql_clause lets you provide your own SELECT clauses, overriding defaults. The $sql_clause{'sel_wblist'} by default contains a reference to $sql_select_white_black_list which is: $sql_select_white_black_list = 'SELECT wb FROM wblist LEFT JOIN mailaddr ON wblist.sid=mailaddr.id'. ' WHERE (wblist.rid=?) AND (mailaddr.email IN (%k))'. ' ORDER BY mailaddr.priority DESC'; If you want you can provide another SELECT clause for the purpose. The associated comments describe roles of ? and %k: # The SQL select clause to check sender in per-recipient whitelist/blacklist # The first SELECT argument '?' will be users.id from recipient SQL lookup, # the %k will be sender addresses (e.g. full address, domain only, catchall). # Only the first occurrence of '?' will be replaced by users.id, subsequent # occurrences of '?' will see empty string as an argument. There can be zero # or more occurrences of %k, lookup keys will be multiplied accordingly. # Up until version 2.2.0 the '?' had to be placed before the '%k'; # starting with 2.2.1 this restriction is lifted. > 2 - What does priority in the above table actually do for you? Does anyone > set anything other than the default priority, and why? The same question > can also be asked concerning the amav_mailaddr table. The highest priority record is used when multiple records match. If you have for example entries [EMAIL PROTECTED], @sub.example.com, and @.com, then all three do match address [EMAIL PROTECTED] Which one gets used depends on their priority field. The idea is that one normally wants the closest match to win, so it is natural that more specific records are given higher priorities than less specific. The suggested priorities are always sufficient as far as I know. > 3 - In the newer versions of amavisd-new, the whitelist uses negative and > positive numbers to directly modify the scoring of spam. How do you get > that same function working in the sql configuration? The field wblist.wb can contain a number (like 12 or -3.45), or a hard-whitelisting 'W' or hard-blaclisting 'B' character. Mark ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
