Gary V wrote:
> R.Smits wrote:
>
>> Mark Martinec wrote:
>
>>> R.Smits,
>>>
>>>
>>>> We want to whitelist all the mail : internal --> internal.
>>>> We do NOT want to whitelist : internal --> external
>>>> Also ofcourse NOT whitelist : external --> internal (makes sense :-)
>>>>
>>>> Is this possible with one instance of amavis. I know you can whitelist
>>> >from internal with a policy bank and mynetworks.
>>>> But this is more complicated.
>>>
>>> Not much more complicated. Internal origin is identified by a policy bank,
>>> e.g. on MYNETS, external recipient is the one who belongs to a non-local
>>> domain:
>>>
>>> $policy_bank{'MYNETS'} = { # mail is coming from inside
>>> spam_lovers_maps => [
>>> {'mydomain.example.com'=>1, #recipient local, don't mind spam
>>> (=whitelist)
>>> '.'=>0, # all the rest: nonlocal recipient, not a spam lover
>>> }
>>> ],
>>> ...
>>> };
>>>
>>> Mark
>> Hi,
>
>> This is what I know,
>> ----------------------------
>> mynetworks = 127.0.0.0/8 !192.168.1.1 192.168.1.0/24
>
>> In amavisd.conf @mynetworks determines which clients will use the
>> 'MYNETS' policy bank:
>
>> @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
>> !192.168.1.1 192.168.1.0/24 );
>
>> And you would configure the 'MYNETS' policy bank as desired:
>
>> $policy_bank{'MYNETS'} = { # clients in @mynetworks
>> bypass_spam_checks_maps => [1], # don't spam-check internal mail
>> };
>> ----------------------------
>> This should work, but the mail coming from local (mynetworks) is now not
>> being scanned when going to the outside world. This we DO want. We are
>> hosting multiple domains, so we must check on IP number, not domain name.
>> Your solution will make everyone from yourdomain.com a spam_lover ? Or
>> am I wrong ?
>
>> Greetings... Richard
>
> 1 = true
> 0 = false
>
> bypass_spam_checks_maps => [1], # true for all recipients
>
> bypass_spam_checks_maps => [
> {'mydomain.example.com' => 1, # True for our domain
> '.' => 0, # false for everyone else
> }
> ],
>
> I believe this would work as well (in other words, true is assumed if
> the domain is listed, and false is assumed if it is not):
>
> bypass_spam_checks_maps => [[qw( .example.com .example.net )]],
> # domains we host
>
> You could use spam_lovers_maps instead of bypass_spam_checks_maps
> as Mark has shown. I think bypassing would save processing on
> internal mail, but on the other hand, scanning may give Bayes some
> needed ham.
>
> Gary V
I'm sorry, but I am a bit confused,
Lets start again :-)
We want to whitelist everything from our network. We can do this with
the policy bank MYNETS. (No problem here)
But now comes the big issue, we do NOT want to whitelist to the outside
world. (Outside our networks)
We want to sent that mail back to the senders internally. DSN
I believe the above examples do not solve this, or am I wrong ?
Thank you for helping ,
Greetings... R,Smits
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
