whitelisting/blacklisting without spamassassin
MailScanner at ecs.soton.ac.uk
Sat Dec 15 15:08:25 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Glenn Steen wrote:
> On 15/12/2007, Neil Spierling <sirvulcan at gmail.com> wrote:
>> Is there any way to use MailScanners whitelisting and blacklisting
>> features when "Use SpamAssassin" is set to no? Messages pass through
>> spamassassin before they reach their final destination where
>> MailScanner runs. We only use MailScanner for virus and content
>> filtering. I can see MailScanner reads the whitelist and blacklist
>> tables (sql feature from mailwatch) on load but when i send through a
>> test infected message MailScanner blocks the message even through ive
>> whitelisted my address as the from address and target address as the
>> to address.
> The supplied white/blacklists are for spam, and are really more like
> functional examples...:-).
Very much so. Don't forget that you can add a ruleset to nearly all the
settings in MailScanner.conf. So you can whitelist them in many, many
ways. Just decide what tests you want them to run or not run, and add a
ruleset to them.
To reduce the number of files you have to keep up to date, don't forget
that you can use the same ruleset file on more than one conf setting. So
you may decide you want to ignore phishing detection _and_ spam checks
on mail from your favourite customers. In that case, purely as an
example, in MailScanner.conf set
Find Phishing Fraud = %rules-dir%/trusted-customers.rules
Spam Checks = %rules-dir%/trusted-customers.rules
To make the web admin of this ruleset even easier, you could use one
extra feature, so the file that needs editing is simply a list of domain
names, one per line, with no extra text around it at all. Make your
trusted-customers.rules file look like this
# Ruleset that returns "no" for our most favourite trusted customers.
From: /etc/MailScanner/customers-domains.txt no
FromOrTo: default yes
and then in /etc/MailScanner/customers-domains.txt, you simply put a
list of the addresses/domains/regular-expressions/IP-ranges/whatever,
with nothing else at all. That way no knowledge of MailScanner is needed
*at all* for whoever maintains the list of customers. So for example,
/etc/MailScanner/customers-domain.txt could contain
# List of trusted customers and where their mail comes from.
your-boss at yahoo.com
So that file contains no MailScanner-specific knowledge at all, it's
just a list of things we're going to match against to find addresses
which we don't spam check and anything else we don't do to "trusted
Sorry if that's a bit long as an answer, I just wanted to take advantage
to remind you of some of the configuration flexibility in MailScanner.
> Theoretically you could add the same functions as you did for spam on
> the Virus Scanning and dangerous Content scanning settings... Letting
> lusers decide whether they should check for viruses from some
> senders.... wouldn't be my cup of tea, to say the least, but .... it
> should work. Or use traditional MailScanner rulesets instead, so that
> you keep the administrative control... (msre is nice if you do that,
> and still want a webGUI for it)... Check out the MailScanner wiki for
> ideas and examples and links (http://wiki.mailscanner.info)...
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.0 (Build 867)
Comment: Use Thunderbird's Enigmail add-on to verify this message
-----END PGP SIGNATURE-----
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner