R.Smits wrote:
> Mark Martinec wrote:
>> R.Smits,
>>
>>
>>>We want to whitelist all the mail : internal --> internal.
>>>We do NOT want to whitelist : internal --> external
>>>Also ofcourse NOT whitelist : external --> internal (makes sense :-)
>>>
>>>Is this possible with one instance of amavis. I know you can whitelist
>>>from internal with a policy bank and mynetworks.
>>>But this is more complicated.
>>
>>
>> Not much more complicated. Internal origin is identified by a policy bank,
>> e.g. on MYNETS, external recipient is the one who belongs to a non-local
>> domain:
>>
>> $policy_bank{'MYNETS'} = { # mail is coming from inside
>> spam_lovers_maps => [
>> {'mydomain.example.com'=>1, #recipient local, don't mind spam
>> (=whitelist)
>> '.'=>0, # all the rest: nonlocal recipient, not a spam lover
>> }
>> ],
>> ...
>> };
>>
>> Mark
> Hi,
> This is what I know,
> ----------------------------
> mynetworks = 127.0.0.0/8 !192.168.1.1 192.168.1.0/24
> In amavisd.conf @mynetworks determines which clients will use the
> 'MYNETS' policy bank:
> @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
> !192.168.1.1 192.168.1.0/24 );
> And you would configure the 'MYNETS' policy bank as desired:
> $policy_bank{'MYNETS'} = { # clients in @mynetworks
> bypass_spam_checks_maps => [1], # don't spam-check internal mail
> };
> ----------------------------
> This should work, but the mail coming from local (mynetworks) is now not
> being scanned when going to the outside world. This we DO want. We are
> hosting multiple domains, so we must check on IP number, not domain name.
> Your solution will make everyone from yourdomain.com a spam_lover ? Or
> am I wrong ?
> Greetings... Richard
1 = true
0 = false
bypass_spam_checks_maps => [1], # true for all recipients
bypass_spam_checks_maps => [
{'mydomain.example.com' => 1, # True for our domain
'.' => 0, # false for everyone else
}
],
I believe this would work as well (in other words, true is assumed if
the domain is listed, and false is assumed if it is not):
bypass_spam_checks_maps => [[qw( .example.com .example.net )]],
# domains we host
You could use spam_lovers_maps instead of bypass_spam_checks_maps
as Mark has shown. I think bypassing would save processing on
internal mail, but on the other hand, scanning may give Bayes some
needed ham.
Gary V
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
