Re: [AMaViS-user] SA whitelist usage

Hi Gary,

Now then I've read your reply and gave it another thought, I think you're
right. This is not the right tool for whitelisting internal server users.

I'll try one of your bypassing examples on
http://www200.pair.com/mecham/spam/bypassing.html


Best Regards,
Leon Kolchinsky




-----Original Message-----
From: amavis-user-bounces@lists.sourceforge.net
[mailto:amavis-user-bounces@lists.sourceforge.net] On Behalf Of Gary V
Sent: Saturday, December 02, 2006 9:20 PM
To: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] SA whitelist usage

Leon wrote:

> So, if I got you right
> If I want to whitelist_from_rcvd to work for users of my own server I
should
> delist it from trusted_networks and internal_networks (i.e. 127/8 should
> never be included)?
> This way the first untrusted server would be my own, right?

> # Internal
> clear_internal_networks
> internal_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay
> # Trusted
> clear_trusted_networks
> trusted_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay

> Becomes:

> # Internal
> clear_internal_networks
> internal_networks IP_of_first_mail_relay IP_of_second_mail_relay
> # Trusted
> clear_trusted_networks
> trusted_networks IP_of_first_mail_relay IP_of_second_mail_relay

> and now:
> whitelist_from_rcvd user@mydomain.net.il mydomain.net.il

> Would work as it should?

I think you are using the wrong tool. If you properly list your
internal network (127/8 is in your internal network and therefore
should be included) then senders in your network will benefit from
ALL_TRUSTED which is a form of whitelisting. If the mail comes from an
internal network, then there are a number of tests that will be
skipped (to the senders benefit). Let's say your network is
666.666.666.0/24. Your clients are in this network. Let's say the
client wanting the send mail is 666.666.666.113 and your email server
is 666.666.666.12.

clear_internal_networks
internal_networks 127/8 666.666.666.0/24
clear_trusted_networks
trusted_networks 127/8 666.666.666.0/24

Mail sent from anyone in your network will now benefit from ALL_TRUSTED.

Let's say you have a sender sender@example.com and the last host
(according to rDNS) in the chain to relay mail to your network
(the first untrusted host) is host.example.com (but is could also be
host2.example.com).

You will want to set:

whitelist_from_rcvd sender@example.com example.com

whitelist_from_rcvd is not the right tool to whitelist senders inside
your network. It's better suited to whitelist senders outside your network.
The right way to do help out senders in your network is to properly set
up the trust path. Don't just include the IP address of your sever,
include your entire network so any user that sends mail from your
network benefits.

Gary V


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/



-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/