Whitelist based on recipient

Glenn Steen glenn.steen at gmail.com
Tue Dec 30 23:03:01 GMT 2008 

2008/12/30 Guy Story KC5GOI <kc5goi at gmail.com>:
> Ray, I am not 100% sure how to get Postfix to do what you want but on
> MailScanner I believe you need to add an entry to your spam whitelist rule
> that reads:
>
> FromTo:<tab>email at address.com<tab>yes
>
> You should be able to put your 9 addresses in there and they will be skipped
> for scanning at least for spam content.  I do not recommend doing a wildcard
> then your domain but you could do that.  Make sure the entries are before
> the default action.
>
There's at least two reasons why this is a bad idea:
1. It will not do what Raymond is after,it'll just skip some of all
the checks, not all of them. to achieve the effect sought after,
Raymond will have to implement a ruleset on the Scan Message setting
instead. Pretty much like for the spam whitelist, but ... est kept
separate.
2. Recipient/sender (envelope) addresses are extremely simpleto forge,
and most spam do so on a regular basis... So bypassing all checks will
(eventually) fill those mailboxes with more or less dangerous cr*p,
Perhaps not the brightest of ideas. If one is to do this, one better
have some fairly good protection in place on the exchange host.

The risks should not be taken lightly... the ramifications may affect
all recipients.... and then some:/.

> On Postfix, good luck seems like I have seen a similar request but darned if
> I remember where.
>
As specified, it simply cannot be done. The smtpd_helo_required "take
effect" way before you have any sender/recipient information to act
upon. The other one could perhaps be avoided by way of an access map,
but ... to what avail?
If it were me, I'd try convince the recipients of the ... less than
briliant... path this is.
Do they have any valid reasons for wanting to be "skipped"?

> Guy
>
> On Tue, Dec 30, 2008 at 3:10 PM, Raymond Jette <rjette at mestek.com> wrote:
>>
>> Good afternoon,
>>
>> I am running Postfix, Mailscanner, and Spamassassin on my MTA. I have 9
>> mailboxes on an Exchange server that I want to receive all mail. I would
>> like all mail sent to these addresses to bypass all checks at the MTA, MS,
>> and SA.  At the MTA I am using
>> reject_non_fqdn_hostname
>> smtpd_help_required = yes
>>
>> I also need to skip these checks if possible.
>>
>> I have searched the archives and the web but i'm still not sure where to
>> start.
>>
>> Thanks for the help,
>> Ray

Cheers
-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list