Yes, I know sender address can be easily faked.
I have only incoming path on port 10024 for amavis and port 10026 for
postfix.
I need this feature for banned files filtering, not spam or virus check,
between users inside my domains.
I try different setups, but they all or don't work or bypassing all mail
without any filtering.
Martin's also doesn't work. Seems I do something wrong...
Martin Johannes Dauser <[email protected]> писал(а) в своём письме Mon,
12 Aug 2019 17:33:38 +0300:
FIRST, be warned that sender address can be spoofed really easily. So
you shouldn't put too much trust into them!
I guess you haven't configured incomming and originating/outgoing paths
for amavis yet? Something similar to this (ports 10024 and 10026 need to
be delivered by your MTA of course):
@mynetworks_maps = (read_array('/etc/amavisd/mynetworks'),);
# IP-addresses regarded as local/originating saved as one IP or one
Network with CIDR notation per line
read_hash(\%whitelist_sender, '/etc/amavisd/whitelist_senders');
@listen_sockets = ( # incomming
'127.0.0.1:10024',
# originating
'127.0.0.1:10026',
);
$interface_policy{'10024'} = 'INCOMMING';
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'INCOMMING'} = {
# set incomming mails as NOT-originating
originating => 0,
# mails from trusted envelope senders won't get scanned
by Spamassassin
whitelist_sender_maps => [ \%whitelist_sender ],
# other settings
#...
};
$policy_bank{'ORIGINATING'} = {
# set local smtpd as originating
originating => 1,
# other settings
#...
};
----------
An alternative is to modify spam scores of senders. This defines a bonus
or malus on spamassassin's values. You may have even different values
depending on recipients. E.g. '[email protected]' and global '.' which
means 'any other' and must set as last line in @score_sender_maps.
@score_sender_maps = (
{ '[email protected]' => [
read_hash('/etc/amavisd/sender_scores_user'), ],
'.' => [ read_hash('/etc/amavisd/sender_scores_sitewide'), ],
}
);
Within /etc/amavisd/sender_scores_sitewide
# Descr.: Hash Lookup (associative array lookup) for global soft
white-/blacklsting# Note.: see
https://amavis.org/README.lookups.txt for details about hash lookups
# Format of the text file: one address per line
# Each address can have an associated optional value
(also known as the
# 'righthand side' or RHS) separated from the address by
whitespace.
# An absence of a value implies 1.
[email protected] 1.0
domain.spamschleu.de 8.0
[email protected] -5.0
trusted.doma.in -3.5
Greetings
Martin
On Mon, 2019-08-12 at 11:19 +0300, [email protected] wrote:
Hi, is there any way to make whitelist for senders? Weird, but
read_hash(\%whitelist_sender, '/etc/amavisd/whitelist');
@whitelist_sender_maps = (\%whitelist_sender);
make it for recipients, not senders...
