AMaViS: score_sender_maps

django at nausch.org django at nausch.org
Fr Nov 21 22:02:11 CET 2014


HI Joda, HI Mailingliste!

Wie sieht es denn mit der score_sender_maps aus? Ist der Einsatz von  
softwhite- und blacklisten aktuell (noch) zu empfehlen, oder kann man  
sich das sparen und das Ganze gleich direkt in der local.cf des  
Spamassassin eintragen?

Die amavisd.conf liefert dazu ja ein Beispiel mit:

@score_sender_maps = ({ # a by-recipient hash lookup table,
                         # results from all matching recipient tables  
are summed

# ## per-recipient personal tables  (NOTE: positive: black, negative: white)
# 'user1 at example.com'  => [{'bla-mobile.press at example.com' => 10.0}],
# 'user3 at example.com'  => [{'.ebay.com'                 => -3.0}],
# 'user4 at example.com'  => [{'cleargreen at cleargreen.com' => -7.0,
#                           '.cleargreen.com'           => -5.0}],

   ## site-wide opinions about senders (the '.' matches any recipient)
   '.' => [  # the _first_ matching sender determines the score boost

    new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
     [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
     [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
     [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
     [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
     [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
     [qr'^(your_friend|greatoffers)@'i                                => 5.0],
     [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
    ),

#  read_hash("/var/amavis/sender_scores_sitewide"),

    { # a hash-type lookup table (associative array)
      'nobody at cert.org'                        => -3.0,
      'cert-advisory at us-cert.gov'              => -3.0,
      'owner-alert at iss.net'                    => -3.0,
      'slashdot at slashdot.org'                  => -3.0,
      'securityfocus.com'                      => -3.0,
      'ntbugtraq at listserv.ntbugtraq.com'       => -3.0,
      'security-alerts at linuxsecurity.com'      => -3.0,
      'mailman-announce-admin at python.org'      => -3.0,
      'amavis-user-admin at lists.sourceforge.net'=> -3.0,
      'amavis-user-bounces at lists.sourceforge.net' => -3.0,
      'spamassassin.apache.org'                => -3.0,
      'notification-return at lists.sophos.com'   => -3.0,
      'owner-postfix-users at postfix.org'        => -3.0,
      'owner-postfix-announce at postfix.org'     => -3.0,
      'owner-sendmail-announce at lists.sendmail.org'   => -3.0,
      'sendmail-announce-request at lists.sendmail.org' => -3.0,
      'donotreply at sendmail.org'                => -3.0,
      'ca+envelope at sendmail.org'               => -3.0,
      'noreply at freshmeat.net'                  => -3.0,
      'owner-technews at postel.acm.org'          => -3.0,
      'ietf-123-owner at loki.ietf.org'           => -3.0,
      'cvs-commits-list-admin at gnome.org'       => -3.0,
      'rt-users-admin at lists.fsck.com'          => -3.0,
      'clp-request at comp.nus.edu.sg'            => -3.0,
      'surveys-errors at lists.nua.ie'            => -3.0,
      'emailnews at genomeweb.com'                => -5.0,
      'yahoo-dev-null at yahoo-inc.com'           => -3.0,
      'returns.groups.yahoo.com'               => -3.0,
      'clusternews at linuxnetworx.com'           => -3.0,
      lc('lvs-users-admin at LinuxVirtualServer.org')    => -3.0,
      lc('owner-textbreakingnews at CNNIMAIL12.CNN.COM') => -5.0,

      # soft-blacklisting (positive score)
      'sender at example.net'                     =>  3.0,
      '.example.net'                           =>  1.0,

    },
   ],  # end of site-wide tables
});


Verwenden oder rauswerfen?



Servus
Django




Mehr Informationen über die Mailingliste postfix-users