whitelisting/blacklisting without spamassassin

Julian Field MailScanner at ecs.soton.ac.uk
Sat Dec 15 15:08:25 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Glenn Steen wrote:
> On 15/12/2007, Neil Spierling <sirvulcan at gmail.com> wrote:
>   
>> Hi,
>>
>> Is there any way to use MailScanners whitelisting and blacklisting
>> features when "Use SpamAssassin" is set to no? Messages pass through
>> spamassassin before they reach their final destination where
>> MailScanner runs. We only use MailScanner for virus and content
>> filtering. I can see MailScanner reads the whitelist and blacklist
>> tables (sql feature from mailwatch) on load but when i send through a
>> test infected message MailScanner blocks the message even through ive
>> whitelisted my address as the from address and target address as the
>> to address.
>>
>> Neil.
>>     
>
> The supplied white/blacklists are for spam, and are really more like
> functional examples...:-).
>   
Very much so. Don't forget that you can add a ruleset to nearly all the 
settings in MailScanner.conf. So you can whitelist them in many, many 
ways. Just decide what tests you want them to run or not run, and add a 
ruleset to them.

To reduce the number of files you have to keep up to date, don't forget 
that you can use the same ruleset file on more than one conf setting. So 
you may decide you want to ignore phishing detection _and_ spam checks 
on mail from your favourite customers. In that case, purely as an 
example, in MailScanner.conf set

Find Phishing Fraud = %rules-dir%/trusted-customers.rules
Spam Checks = %rules-dir%/trusted-customers.rules

To make the web admin of this ruleset even easier, you could use one 
extra feature, so the file that needs editing is simply a list of domain 
names, one per line, with no extra text around it at all. Make your 
trusted-customers.rules file look like this

# Ruleset that returns "no" for our most favourite trusted customers.
From: /etc/MailScanner/customers-domains.txt no
FromOrTo: default yes

and then in /etc/MailScanner/customers-domains.txt, you simply put a 
list of the addresses/domains/regular-expressions/IP-ranges/whatever, 
with nothing else at all. That way no knowledge of MailScanner is needed 
*at all* for whoever maintains the list of customers. So for example, 
/etc/MailScanner/customers-domain.txt could contain

# List of trusted customers and where their mail comes from.
amazon.co.uk
amazon.com
192.68.21.*
/\@google\.(co\.uk|com)$/
your-boss at yahoo.com

So that file contains no MailScanner-specific knowledge at all, it's 
just a list of things we're going to match against to find addresses 
which we don't spam check and anything else we don't do to "trusted 
customers" mail.

Sorry if that's a bit long as an answer, I just wanted to take advantage 
to remind you of some of the configuration flexibility in MailScanner.


> Theoretically you could add the same functions as you did for spam on
> the Virus Scanning and dangerous Content scanning settings... Letting
> lusers decide whether they should check for viruses from some
> senders.... wouldn't be my cup of tea, to say the least, but .... it
> should work. Or use traditional MailScanner rulesets instead, so that
> you keep the administrative control... (msre is nice if you do that,
> and still want a webGUI for it)... Check out the MailScanner wiki for
> ideas and examples and links (http://wiki.mailscanner.info)...
>
> Cheers
>   

Jules

- -- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.0 (Build 867)
Comment: Use Thunderbird's Enigmail add-on to verify this message
Charset: ISO-8859-1

wj8DBQFHY+3sEfZZRxQVtlQRAkyHAJ9EQLpBCgAqxccE4/itjsHTOWbJ0wCeK9ql
1Z9+mCW1iRsJ/rTxFyFnZUo=
=dvCG
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list