Dino... IIRC the following doesn't work if Amavis is set in postfix as a pre-accept filter, right? [It seems I looked at doing it this way, but since we use Amavis as a pre MTA-accpet filter, this wasn't even an option. Just wanting to confirm...]
-Greg DE> Here's how to do it with BONUS blacklist: DE> In postfix /etc/postfix/main.cf set the following for whitelist senders: DE> smtpd_sender_restrictions = check_sender_access DE> hash:/etc/postfix/amavis_senderbypass DE> In the /etc/postfix/amavis_senderbypass file enter email DE> addresses and/or domains you wish to whitelist (one per line) as follows: DE> [email protected] FILTER amavis:[127.0.0.1]:10030 DE> example2.com FILTER amavis:[127.0.0.1]:10030 DE> Ensure you postmap the file and reload postfix DE> In Amavis /etc/amavis/conf/50_user set the following to whitelist DE> recipients (ensure port 10030 is available in your system): DE> $inet_socket_port = [10021, 10030]; DE> # This policy will bypass ALL checks. DE> read_hash(\%whitelist_sender, '/etc/amavis/white.lst'); DE> @whitelist_sender_maps = (\%whitelist_sender); DE> $interface_policy{'10030'} = 'BYPASSALLCHECKS'; DE> $policy_bank{'BYPASSALLCHECKS'} = { # mail from the pickup daemon DE> log_level => 5, DE> bypass_spam_checks_maps => ['@whitelist_sender_maps'], # don't spam-check this mail DE> bypass_banned_checks_maps => ['@whitelist_sender_maps'], # don't banned-check this mail DE> bypass_header_checks_maps => ['@whitelist_sender_maps'], # don't header-check this mail DE> bypass_virus_checks_maps => ['@whitelist_sender_maps'], # don't virus-check this mail DE> }; DE> In /etc/amavis/white.lst enter the the SAME senders and/or DE> domains as you set in the /etc/postfix/amavis_senderbypass file DE> from above but without the "FILTER amavis:[127.0.0.1]:10030" part as follows (one per line): DE> [email protected] DE> example2.com DE> So basically this tells postfix that any sender matching the list DE> to inject to Amavis at port 10030 and then Amavis has an interface DE> policy at 10030 where it takes action according to the policy DE> settings. You can adjust the Amavis policy as you see fit. In the DE> example above, it bypasses ALL checks (spam, banned, header and virus) checks. DE> Here's the blacklist (much simpler) DE> In /etc/amavis/conf/50_user set the following: DE> # Blacklist Senders DE> @blacklist_sender_maps=(read_hash(\%blacklist_sender, '/etc/amavis/black.lst')); DE> And populate /etc/amavis/black.lst with senders you wish to block. DE> There is also a way to do a sender to recipient block/allow but DE> that only bypasses spam checks and it's a bit more complicated to DE> set. I can send you info on that if you want. DE> Thanks DE> -----Original Message----- DE> From: amavis-users DE> [mailto:[email protected]] On Behalf Of Curtis Vaughan DE> Sent: Thursday, July 11, 2019 4:38 PM DE> To: [email protected] DE> Subject: whitelist DE> I have been unable for a very long time now to figure out how to DE> whitelist certain email address or domains. DE> I have found several different blogs/help sites that "provide" an DE> answer, but none of them have ever worked. DE> Creating whitelists for postfix that referred to by main.cf DE> definitely haven't worked. Another "solution" involved including a DE> line in main.cf that basically tried to bypass amavis. DE> Anyhow, I feel I'm approaching the solution in either case the DE> wrong way as they concentrate on postfix and not amavis. DE> Hopefully someone can't point me in the right direction? DE> Thanks! DE> I'm using postfix with amavis on ubuntu. -- Gregory Sloop, Principal: Sloop Network & Computer Consulting Voice: 503.251.0452 x82 EMail: [email protected] http://www.sloop.net ---
