Whitelist advice, correct way to minimize score for known domains from gapps
Dusan Obradovic
dusan at euracks.net
Wed Feb 28 23:04:26 CET 2018
> On Feb 26, 2018, at 19:36, Dauser Martin Johannes <mdauser at cs.sbg.ac.at> wrote:
>
> within amavis:
> ##############
>
> A) As those mails are successfully DKIM signed you could do a hard or
> soft whitelist by selecting a custom policy bank based on successful
> DKIM and sender's envelope address (Return-Path: )
>
> @author_to_policy_bank_maps = (
> read_hash("/etc/amavisd/DKIM_sender_to_policy-bank") );
> ##
> ## content example /etc/amavisd/DKIM_sender_to_policy-bank
> ##
> ## 'dddddd at SENDERTLD.com' 'WHITELIST'
> ## 'SENDERTLD.com' 'MILD_WHITELIST'
>
> # do no spamassassin checks at all
> $policy_bank{'WHITELIST'} = {
> bypass_spam_checks_maps => [1],
> spam_lovers_maps => [1],
> };
>
> # reduce spam score by 3.0
> $policy_bank{'MILD_WHITELIST'} = {
> score_sender_maps => [ { '.' => [-3.0] } ],
> };
SpamAssassin's alternative,
whitelist_auth user at sender.tld *@sender.tld
whitelist_auth add at ress.com
Used to specify addresses which send mail that is often tagged
(incorrectly) as spam. This is different from "whitelist_from"
and "whitelist_from_rcvd" in that it first verifies that the
message was sent by an authorized sender for the address, before
whitelisting.
Authorization is performed using one of the installed
sender-authorization schemes: SPF (using
"Mail::SpamAssassin::Plugins::SPF"), Domain Keys (using
"Mail::SpamAssassin::Plugins::DomainKeys"), or DKIM (using
"Mail::SpamAssassin::Plugins::DKIM"). Note that those plugins
must be active, and working, for this to operate.
Using "whitelist_auth" is roughly equivalent to specifying
duplicate "whitelist_from_spf", "whitelist_from_dk", and
"whitelist_from_dkim" lines for each of the addresses specified.
e.g.
whitelist_auth joe at example.com fred at example.com
whitelist_auth *@example.com
More information about the amavis-users
mailing list