Whitelist based on recipient

rjette at vzw.blackberry.net rjette at vzw.blackberry.net
Wed Dec 31 00:56:52 GMT 2008

Thanks for the reply. I know that it is not a good idea but I be leave it is my only option.

I am migrating from an old mail system to Postfix. We have some program's that are sales reps use that were developed in house. These programs are used by companies across the country and cannot be changed. They use are MTA to send mail from there addresses to ours. There are hundreds of installations.

I will look into using a ruleset on the scan message setting.

Back to the archives. I'm not familiar with MS rulesets. Does anyone have any links on the subject?


Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: "Glenn Steen" <glenn.steen at gmail.com>

Date: Wed, 31 Dec 2008 00:03:01 
To: MailScanner discussion<mailscanner at lists.mailscanner.info>
Subject: Re: Whitelist based on recipient

2008/12/30 Guy Story KC5GOI <kc5goi at gmail.com>:
> Ray, I am not 100% sure how to get Postfix to do what you want but on
> MailScanner I believe you need to add an entry to your spam whitelist rule
> that reads:
> FromTo:<tab>email at address.com<tab>yes
> You should be able to put your 9 addresses in there and they will be skipped
> for scanning at least for spam content.  I do not recommend doing a wildcard
> then your domain but you could do that.  Make sure the entries are before
> the default action.
There's at least two reasons why this is a bad idea:
1. It will not do what Raymond is after,it'll just skip some of all
the checks, not all of them. to achieve the effect sought after,
Raymond will have to implement a ruleset on the Scan Message setting
instead. Pretty much like for the spam whitelist, but ... est kept
2. Recipient/sender (envelope) addresses are extremely simpleto forge,
and most spam do so on a regular basis... So bypassing all checks will
(eventually) fill those mailboxes with more or less dangerous cr*p,
Perhaps not the brightest of ideas. If one is to do this, one better
have some fairly good protection in place on the exchange host.

The risks should not be taken lightly... the ramifications may affect
all recipients.... and then some:/.

> On Postfix, good luck seems like I have seen a similar request but darned if
> I remember where.
As specified, it simply cannot be done. The smtpd_helo_required "take
effect" way before you have any sender/recipient information to act
upon. The other one could perhaps be avoided by way of an access map,
but ... to what avail?
If it were me, I'd try convince the recipients of the ... less than
briliant... path this is.
Do they have any valid reasons for wanting to be "skipped"?

> Guy
> On Tue, Dec 30, 2008 at 3:10 PM, Raymond Jette <rjette at mestek.com> wrote:
>> Good afternoon,
>> I am running Postfix, Mailscanner, and Spamassassin on my MTA. I have 9
>> mailboxes on an Exchange server that I want to receive all mail. I would
>> like all mail sent to these addresses to bypass all checks at the MTA, MS,
>> and SA.  At the MTA I am using
>> reject_non_fqdn_hostname
>> smtpd_help_required = yes
>> I also need to skip these checks if possible.
>> I have searched the archives and the web but i'm still not sure where to
>> start.
>> Thanks for the help,
>> Ray

-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
MailScanner mailing list
mailscanner at lists.mailscanner.info

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list