Re: [AMaViS-user] Whitelist question
This is a discussion on Re: [AMaViS-user] Whitelist question within the Amavis User forums, part of the Anti-Spam and Anti-Virus Related Forums category; R.Smits wrote: > Mark Martinec wrote: >> R.Smits, >> >> >>>We want ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-29-2006
|
|||
|
|||
Re: [AMaViS-user] Whitelist question
R.Smits wrote:
> Mark Martinec wrote: >> R.Smits, >> >> >>>We want to whitelist all the mail : internal --> internal. >>>We do NOT want to whitelist : internal --> external >>>Also ofcourse NOT whitelist : external --> internal (makes sense :-) >>> >>>Is this possible with one instance of amavis. I know you can whitelist >>>from internal with a policy bank and mynetworks. >>>But this is more complicated. >> >> >> Not much more complicated. Internal origin is identified by a policy bank, >> e.g. on MYNETS, external recipient is the one who belongs to a non-local >> domain: >> >> $policy_bank{'MYNETS'} = { # mail is coming from inside >> spam_lovers_maps => [ >> {'mydomain.example.com'=>1, #recipient local, don't mind spam (=whitelist) >> '.'=>0, # all the rest: nonlocal recipient, not a spam lover >> } >> ], >> ... >> }; >> >> Mark > Hi, > This is what I know, > ---------------------------- > mynetworks = 127.0.0.0/8 !192.168.1.1 192.168.1.0/24 > In amavisd.conf @mynetworks determines which clients will use the > 'MYNETS' policy bank: > @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 > !192.168.1.1 192.168.1.0/24 ); > And you would configure the 'MYNETS' policy bank as desired: > $policy_bank{'MYNETS'} = { # clients in @mynetworks > bypass_spam_checks_maps => [1], # don't spam-check internal mail > }; > ---------------------------- > This should work, but the mail coming from local (mynetworks) is now not > being scanned when going to the outside world. This we DO want. We are > hosting multiple domains, so we must check on IP number, not domain name. > Your solution will make everyone from yourdomain.com a spam_lover ? Or > am I wrong ? > Greetings... Richard 1 = true 0 = false bypass_spam_checks_maps => [1], # true for all recipients bypass_spam_checks_maps => [ {'mydomain.example.com' => 1, # True for our domain '.' => 0, # false for everyone else } ], I believe this would work as well (in other words, true is assumed if the domain is listed, and false is assumed if it is not): bypass_spam_checks_maps => [[qw( .example.com .example.net )]], # domains we host You could use spam_lovers_maps instead of bypass_spam_checks_maps as Mark has shown. I think bypassing would save processing on internal mail, but on the other hand, scanning may give Bayes some needed ham. Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?p...rge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/...fo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ 
|
Linear Mode
