Per User Blacklist and white lists

Mike Williams mike at TECHINTER.COM
Thu Mar 13 18:22:56 GMT 2003 

Ok, that didn't do anything either but when I add $message->{ishigh} = 1; to
the CustomConfig.pm in the lines you gave me it triggers the high score.
Only problem I noticed with this is when To: contains multiple recipients
and when CC: contains recipients.  It will allow that message to go through.
I suspect because the other addresses are not on the in the spam checking
and it somehow resets to a not scanned message.

Mike

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
Behalf Of Julian Field
Sent: Wednesday, March 12, 2003 2:19 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Per User Blacklist and white lists


At 19:47 12/03/2003, you wrote:
>Works like a charm.  Thanks.

Great. It will be in the next release.

>   BTW quick question is there a way to assign a
>spam score to blacklisted addresses so that it will activate the high
score
>rule?

Not currently, no. But try this:
1) In the blacklisting lookup code, change the code to say this:

sub ByDomainSpamBlacklist {
   my($message) = @_;
   my($value);
   $value = LookupByDomainList($message, \%Blacklist);
   $message->{sascore} = 10 if $value;
   return $value;
}

(if you want blacklisting to score 10)

Then edit Message.pm and change line 370 from
   $this->{sascore} = $sascore; # Save the actual figure for use later...
to
   $this->{sascore} += $sascore; # Save the actual figure for use later...

Give this a try and let me know how you get on.

>-----Original Message-----
>From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
>Behalf Of Julian Field
>Sent: Wednesday, March 12, 2003 12:19 PM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: Per User Blacklist and white lists
>
>
>Looks like I never wrote the code to do the per-user lists, only
per-domain
>lists.
>
>Try editing CustomConfig.pm and making "LookupByDomainList" look like
this:
>
>sub LookupByDomainList {
>    my($message, $BlackWhite) = @_;
>
>    return 0 unless $message; # Sanity check the input
>
>    # Find the "from" address and the first "to" address
>    my($from, $fromdomain, @todomain, $todomain, @to, $to, $ip);
>    $from       = $message->{from};
>    $fromdomain = $message->{fromdomain};
>    @todomain   = @{$message->{todomain}};
>    $todomain   = $todomain[0];
>    @to         = @{$message->{to}};
>    $to         = $to[0];
>    $ip         = $message->{clientip};
>
>    # It is in the list if either the exact address is listed,
>    # or the domain is listed
>    return 1 if $BlackWhite->{$to}{$from};
>    return 1 if $BlackWhite->{$to}{$fromdomain};
>    return 1 if $BlackWhite->{$to}{$ip};
>    return 1 if $BlackWhite->{$todomain}{$from};
>    return 1 if $BlackWhite->{$todomain}{$fromdomain};
>    return 1 if $BlackWhite->{$todomain}{$ip};
>
>    # It is not in the list
>    return 0;
>}
>
>Please give this a try and let me know if it works, so I can include the
>code in the next release (due very shortly  to fix long filename checking
>bug in 4.13).
>
>At 17:48 12/03/2003, you wrote:
> >Ok, I enabled the bydoaminblacklist and bydoaminwhitelist in the
> >MailScanner.conf with
> >
> >Is Definitely Not Spam = &ByDomainSpamWhitelist
> >Is Definitely Spam     = &ByDomainSpamBlacklist
> >
> >The directorys are set to /etc/MailScanner/rules/whitelist and
> >/etc/MailScanner/rules/blacklist.  I have a file in blacklist folder
named
> >user at domain.com (actual file name is different but same format).  In
the
> >file user at domain.com I have listed several blacklist items, one is an
email
> >account that I have on aol.com.  The aol email address doesn't appear
in
>any
> >whitelist.  However, when I send email to user at domain.com from the AOL
> >account that is on the blacklist it goes through without even being
marked
> >as spam.  There are no errors when starting mailscanner and in the
logs is
> >says that it read blacklist for 1 domain.  I must be missing something
but
>I
> >haven't a clue.
> >
> >Mike
> >-----Original Message-----
> >From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> >Behalf Of Julian Field
> >Sent: Tuesday, March 11, 2003 2:24 PM
> >To: MAILSCANNER at JISCMAIL.AC.UK
> >Subject: Re: Per User Blacklist and white lists
> >
> >
> >At 19:50 11/03/2003, you wrote:
> > >Julian,
> > >
> > >Thanks for the info.  I'm looking at the code and the example is for
> > >bydomain.  I'm not sure but it looks like I can have the white and
black
> > >list by either domain.com or by user at domain.com.
> >
> >Yes you can. You can even give it IP addresses if I remember rightly.
> >
> > >   The reason I am asking is
> > >that each user will need to be able to specify their own black and
white
> > >list.  This makes it possible that one user would wish to block email
>from
> >a
> > >user at spam.com  and another user to whitelist or not block a
>user at spam.com.
> > >So if I use a filename of user1 at domain.com and user2 at domain.com does
this
> >in
> > >fact make the whitelist and blacklist unique for each user even if
they
>are
> > >in the same domain?
> > >
> > >Mike
> > >
> > >-----Original Message-----
> > >From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> > >Behalf Of Julian Field
> > >Sent: Tuesday, March 11, 2003 12:44 PM
> > >To: MAILSCANNER at JISCMAIL.AC.UK
> > >Subject: Re: Per User Blacklist and white lists
> > >
> > >
> > >Take a look in the CustomConfig.pm file in recent distributions. This
> > >feature is an example of what you can do with "Custom Functions". You
>will
> > >probably need to change the directories it reads the black/whitelists
>from,
> > >but otherwise it will just work. The code briefly explains what
should go
> > >in the various config files.
> > >
> > >At 18:35 11/03/2003, you wrote:
> > > >Is it possible to have a per user blacklist and whitelist?  Example
in
> >the
> > > >whitelist file:
> > > >
> > > >To:     user-1 at domain.com
> > >/etc/MailScanner/rules/whitelist/user-1-domain.com
> > > >To:     user-2 at domain.com
> > >/etc/MailScanner/rules/whitelist/user-2-domain.com
> > > >FromTo: Default no
> > > >
> > > >
> > > >user-1-domain.com
> > > >
> > > >From: friend at domain.com yes
> > > >From: friend1 at domain.com yes
> > > >From: default no
> > > >
> > > >and so on?
> > > >
> > > >Mike
> > >
> > >--
> > >Julian Field
> > >www.MailScanner.info
> > >Professional Support Services at www.MailScanner.biz
> > >MailScanner thanks transtec Computers for their support
> >
> >--
> >Julian Field
> >www.MailScanner.info
> >Professional Support Services at www.MailScanner.biz
> >MailScanner thanks transtec Computers for their support
>
>--
>Julian Field
>www.MailScanner.info
>Professional Support Services at www.MailScanner.biz
>MailScanner thanks transtec Computers for their support

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support


This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses
**************************************************************************
*********

More information about the MailScanner mailing list